DotNetNuke < 3.0.12 Multiple XSS

Copyright (C) 2005-2015 Josh Zlatin-Amishav

Synopsis :

The remote host contains an ASP application that is affected by
multiple input validation flaws.

Description :

The remote host is running DotNetNuke, a portal written in ASP.

The remote installation of DotNetNuke, according to its version
number, contains several input validation flaws leading to the
execution of attacker supplied HTML and script code.

See also :

Solution :

Upgrade to version 3.0.12 or later.

Risk factor :

Medium / CVSS Base Score : 4.3
CVSS Temporal Score : 4.3
Public Exploit Available : true

Family: CGI abuses : XSS

Nessus Plugin ID: 18505 (dotnetnuke_xss.nasl)

Bugtraq ID: 13644

CVE ID: CVE-2005-0040