RSS   Vulnerabilities for 'Usersexportimport'   RSS

2020-01-21
 
CVE-2019-19392

CWE-276
 

 
The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data.

 


Copyright 2024, cxsecurity.com

 

Back to Top