QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2025-59548

Back to search

CVE-2025-59548

Published: Sep 23, 2025

Modified: Sep 23, 2025

PUBLISHED

Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 10.1.0, specially crafted URLs to the FileBrowser are vulnerable to javascript injection, affecting any unsuspecting user clicking such link. This issue has been patched in version 10.1.0.

VendorProductVersions

dnnsoftware

Dnn.Platform

affected
< 10.1.0

Weaknesses (CWE)

CWE-79

References

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now