Detections
Analytics

DNN (DotNetNuke) Language Flag Selector Culture XSS

medium Nessus Plugin ID 66527

Language:

Synopsis

The remote web server contains an ASP.NET application that is affected by a cross-site scripting vulnerability.

Description

The version of DNN installed on the remote host is affected by a cross-site scripting vulnerability due to the application failing to properly sanitize user-supplied input when multiple languages are selected in the flag selector. An unauthenticated, remote attacker can exploit this, via a specially crafted request, to execute arbitrary script code in a user's browser session.

Note that this issue is mitigated by requiring that more than one language be enabled and that the site must use the core language skin object.

Note also that the application is reportedly affected by an open-redirection vulnerability, although Nessus has not tested for this issue.

Solution

Upgrade to DNN version 6.2.7 / 7.0.5 or later.

See Also

http://www.nessus.org/u?b1cf7f79

https://www.dnnsoftware.com/community/security/security-center

Plugin Details

Severity: Medium

ID: 66527

File Name: dotnetnuke_language_flag_selector_xss.nasl

Version: 1.10

Type: remote

Published: 5/21/2013

Updated: 4/7/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Temporal Score: 3.6

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N

Vulnerability Information

CPE: cpe:/a:dotnetnuke:dotnetnuke

Required KB Items: installed_sw/DNN

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Patch Publication Date: 4/3/2013

Vulnerability Publication Date: 4/3/2013

Reference Information

BID: 58903

CWE: 20, 442, 629, 711, 712, 722, 725, 74, 750, 751, 79, 800, 801, 809, 811, 864, 900, 928, 931, 990