What is the severity of CVE-2008-6732?

CVE-2008-6732 is classified as a high severity vulnerability due to its potential for allowing remote code execution via cross-site scripting.

How do I fix CVE-2008-6732?

To mitigate CVE-2008-6732, upgrade DotNetNuke to version 4.8.4 or later, which includes the necessary security fixes.

What are the affected versions for CVE-2008-6732?

CVE-2008-6732 affects multiple versions of DotNetNuke including versions 1.0.6 to 4.8.3.

What type of vulnerability is CVE-2008-6732?

CVE-2008-6732 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.

Who can be affected by CVE-2008-6732?

Any user of the affected DotNetNuke versions may fall victim to attacks exploiting CVE-2008-6732, compromising their web applications.

Vulnerability/
CVE-2008-6732

medium

4.3

CWE

21/4/2009

7/8/2024

CVE-2008-6732: XSS

First published: Tue Apr 21 2009(Updated: )

Cross-site scripting (XSS) vulnerability in the Language skin object in DotNetNuke before 4.8.4 allows remote attackers to inject arbitrary web script or HTML via "newly generated paths."

Credit: cve@mitre.org

Affected Software	Affected Version	How to fix
DNN (DotNetNuke)	=4.8.2
DNN (DotNetNuke)	=4.8.1
DNN (DotNetNuke)	=2.1.1
DNN (DotNetNuke)	=1.0.10e
DNN (DotNetNuke)	=1.0.10d
DNN (DotNetNuke)	=1.0.7
DNN (DotNetNuke)	=4.5.2
DNN (DotNetNuke)	<=4.8.3
DNN (DotNetNuke)	=4.6.2
DNN (DotNetNuke)	=1.0.8
DNN (DotNetNuke)	=1.0.6
DNN (DotNetNuke)	=1.0.9
DNN (DotNetNuke)	=3.0.8
DNN (DotNetNuke)	=4.3.5
DNN (DotNetNuke)	=4.5.4
DNN (DotNetNuke)	=2.1.2
DNN (DotNetNuke)	=4.0
DNN (DotNetNuke)	=3.0.11
DNN (DotNetNuke)	=3.0.7
DNN (DotNetNuke)	=4.6.0
DNN (DotNetNuke)	=4.7.0
DNN (DotNetNuke)	=4.8.0
DNN (DotNetNuke)	=4.5.5
DNN (DotNetNuke)	=3.3.5
DNN (DotNetNuke)	=3.1.0
DNN (DotNetNuke)	=4.6.1

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2008-6732?
CVE-2008-6732 is classified as a high severity vulnerability due to its potential for allowing remote code execution via cross-site scripting.
How do I fix CVE-2008-6732?
To mitigate CVE-2008-6732, upgrade DotNetNuke to version 4.8.4 or later, which includes the necessary security fixes.
What are the affected versions for CVE-2008-6732?
CVE-2008-6732 affects multiple versions of DotNetNuke including versions 1.0.6 to 4.8.3.
What type of vulnerability is CVE-2008-6732?
CVE-2008-6732 is a cross-site scripting (XSS) vulnerability that allows attackers to inject arbitrary web scripts or HTML.
Who can be affected by CVE-2008-6732?
Any user of the affected DotNetNuke versions may fall victim to attacks exploiting CVE-2008-6732, compromising their web applications.

agent/type
collector/mitre-cve
source/MITRE
agent/severity
agent/author
agent/references
agent/last-modified-date
agent/description
agent/event
agent/first-publish-date
agent/source
agent/weakness
agent/softwarecombine
agent/tags
collector/nvd-historical
agent/software-canonical-lookup-request
collector/nvd-index
vendor/dotnetnuke
canonical/dnn (dotnetnuke)
version/dnn (dotnetnuke)/4.8.2
version/dnn (dotnetnuke)/4.8.1
version/dnn (dotnetnuke)/2.1.1
version/dnn (dotnetnuke)/1.0.10e
version/dnn (dotnetnuke)/1.0.10d
version/dnn (dotnetnuke)/1.0.7
version/dnn (dotnetnuke)/4.5.2
version/dnn (dotnetnuke)/4.8.3
version/dnn (dotnetnuke)/4.6.2
version/dnn (dotnetnuke)/1.0.8
version/dnn (dotnetnuke)/1.0.6
version/dnn (dotnetnuke)/1.0.9
version/dnn (dotnetnuke)/3.0.8
version/dnn (dotnetnuke)/4.3.5
version/dnn (dotnetnuke)/4.5.4
version/dnn (dotnetnuke)/2.1.2
version/dnn (dotnetnuke)/4.0
version/dnn (dotnetnuke)/3.0.11
version/dnn (dotnetnuke)/3.0.7
version/dnn (dotnetnuke)/4.6.0
version/dnn (dotnetnuke)/4.7.0
version/dnn (dotnetnuke)/4.8.0
version/dnn (dotnetnuke)/4.5.5
version/dnn (dotnetnuke)/3.3.5
version/dnn (dotnetnuke)/3.1.0
version/dnn (dotnetnuke)/4.6.1