CVE-2012-1036

DotNetNuke <5.6.4, <6.1.0 - XSS

Title source: llm

Description

Cross-site scripting (XSS) vulnerability in the telerik HTML editor in DotNetNuke before 5.6.4 and 6.x before 6.1.0 allows remote attackers to inject arbitrary web script or HTML via a message.

References (2)

Scores

EPSS 0.0026
EPSS Percentile 49.4%

Classification

CWE
CWE-79
Status published

Affected Products (34)

dotnetnuke/dotnetnuke < 5.6.3
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
dotnetnuke/dotnetnuke
... and 19 more

Timeline

Published Apr 11, 2012
Tracked Since Feb 18, 2026