Vulnerability Details CVE-2026-24784
DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 9.0.0 and prior to versions 9.13.10 and 10.2.0, a content editor could inject scripts in module headers/footers that would run for other users. Versions 9.13.10 and 10.2.0 contain a fix for the issue.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 11.6%
CVSS Severity
CVSS v3 Score 6.8
Products affected by CVE-2026-24784
-
cpe:2.3:a:dnnsoftware:dotnetnuke:10.0.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:10.0.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:10.1.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:10.1.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.0.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.0.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.0.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.1.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.1.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.10.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.10.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.10.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.11.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.11.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.11.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.12.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.3
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.4
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.5
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.6
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.7
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.8
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.13.9
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.2.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.2.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.2.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.3.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.3.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.3.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.4.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.4.4
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.5.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.6.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.6.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.6.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.7.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.7.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.7.2
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.8.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.8.1
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.9.0
-
cpe:2.3:a:dnnsoftware:dotnetnuke:9.9.1