EPSS
Percentile
93.1%
Dnn.Platform is vulnerable to information disclosure. The vulnerability is due to the incomplete fix of CVE-2018-15811 where it encrypts the input parameters using a weak encryption algorithm during the installation.
packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.html
github.com/dnnsoftware/Dnn.Platform/releases
www.dnnsoftware.com/community/security/security-center
www.sourceclear.com/vulnerability-database/vulnerabilities/20651