CVE-2012-1030
DotNetNuke 6.x-6.0.2 - XSS
Title source: llmDescription
Cross-site scripting (XSS) vulnerability in DotNetNuke 6.x through 6.0.2 allows user-assisted remote attackers to inject arbitrary web script or HTML via a crafted URL containing text that is used within a modal popup.
Scores
EPSS
0.0026
EPSS Percentile
49.4%
Classification
CWE
CWE-79
Status
published
Affected Products (4)
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
n/a/n/a
Timeline
Published
Apr 11, 2012
Tracked Since
Feb 18, 2026