CVE-2013-7335

MEDIUM4.0EPSS 0.27%

DotNetNuke (DNN) Open redirect vulnerability

Published: 5/17/2022Modified: 2/16/2024

Description

Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

Affected packages (1)

NuGet/DotNetNuke.Corefrom 0, < 6.2.9

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	MEDIUM4.0	CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:L/A:N

References (4)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2013-7335
PATCHhttps://github.com/dnnsoftware/Dnn.Platform
WEBhttp://www.dnnsoftware.com/platform/manage/security-center
WEBhttp://www.securityfocus.com/bid/61809