CVE-2026-24836 | dnnsoftware Dnn.Platform up to 9.13.9/10.1.x Persona Bar cross site scripting (GHSA-2g5g-hcgh-q3rp)

Inserito da Angelo Barbosa | Gen 28, 2026 | CVE

A vulnerability categorized as problematic has been discovered in dnnsoftware Dnn.Platform up to 9.13.9/10.1.x. Affected by this vulnerability is an unknown functionality of the component Persona Bar. The manipulation results in cross site scripting.

This vulnerability is cataloged as CVE-2026-24836. The attack may be launched remotely. There is no exploit available.

It is advisable to upgrade the affected component.

CVE-2026-24836 | dnnsoftware Dnn.Platform up to 9.13.9/10.1.x Persona Bar cross site scripting (GHSA-2g5g-hcgh-q3rp)

Post correlati

CVE-2024-42342 | Loway QueueMetrics request smuggling

CVE-2025-46807 | yrutschle sslh up to 2.2.3 File Descriptor allocation of resources

CVE-2025-6648 | PDF-XChange Editor 10.5.2.395 U3D File Parser out-of-bounds (ZDI-25-433)

CVE-2023-52031 | Totolink A3700R 9.1.2u.5822_B20200513 UploadFirmwareFile Privilege Escalation