CVE-2013-7335

DotNetNuke <6.2.9, <7.1.1 - Open Redirect

Title source: llm
STIX 2.1

Description

Open redirect vulnerability in DotNetNuke (DNN) before 6.2.9 and 7.x before 7.1.1 allows remote attackers to redirect users to arbitrary web sites and conduct phishing attacks via unspecified vectors.

References (3)

Core 3
Core References
Vendor Advisory third-party-advisory x_refsource_secunia
http://secunia.com/advisories/53493
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/61809
Patch, Vendor Advisory x_refsource_confirm
http://www.dnnsoftware.com/platform/manage/security-center

Scores

EPSS 0.0027
EPSS Percentile 50.8%

Details

CWE
CWE-20
Status published
Products (50)
dnnsoftware/dotnetnuke 1.0.6
dnnsoftware/dotnetnuke 1.0.7
dnnsoftware/dotnetnuke 1.0.8
dnnsoftware/dotnetnuke 1.0.9
dnnsoftware/dotnetnuke 1.0.10d
dnnsoftware/dotnetnuke 1.0.10e
dnnsoftware/dotnetnuke 2.1.1
dnnsoftware/dotnetnuke 2.1.2
dnnsoftware/dotnetnuke 3.0.7
dnnsoftware/dotnetnuke 3.0.8
... and 40 more
Published Mar 12, 2014
Tracked Since Feb 18, 2026