CVE-2007-0660
DotNetNuke IFrame < 03.02.01 - Cross-Site Scripting via Pass-Through Values
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in the IFrame module before 03.02.01 for DotNetNuke (DNN) allows remote attackers to inject arbitrary web script or HTML via unspecified vectors related to "Pass through values."
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/32037
Various Sources x_refsource_confirm
http://www.dotnetnuke.com/Default.aspx?tabid=825&EntryID=1278
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/22334
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/36476
Third Party Advisory vdb-entry
x_refsource_vupen
http://www.vupen.com/english/advisories/2007/0433
Scores
EPSS
0.0124
EPSS Percentile
79.5%
Details
Status
published
Products (3)
dotnetnuke/dotnetnuke_iframe
03.02.00
dotnetnuke/dotnetnuke_iframe
< 03.01.01
nuget/DotNetNuke.Core
0 - 03.02.01NuGet
Published
Feb 01, 2007
Tracked Since
Feb 18, 2026