VYPR
Unrated severityNVD Advisory· Published Apr 21, 2009· Updated Jun 16, 2026

CVE-2008-6732

CVE-2008-6732

Description

Cross-site scripting (XSS) vulnerability in the Language skin object in DotNetNuke before 4.8.4 allows remote attackers to inject arbitrary web script or HTML via "newly generated paths."

Affected products

27
  • cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:*+ 26 more
    • cpe:2.3:a:dnnsoftware:dotnetnuke:*:*:*:*:*:*:*:*range: <=4.8.3
    • cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.10d:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.10e:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.6:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:1.0.9:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:2.1.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:2.1.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:3.0.11:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:3.0.7:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:3.0.8:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:3.1.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:3.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.3.5:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.5.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.5.4:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.5.5:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.6.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.6.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.6.2:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.7.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.0:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.1:*:*:*:*:*:*:*
    • cpe:2.3:a:dnnsoftware:dotnetnuke:4.8.2:*:*:*:*:*:*:*
    • (no CPE)range: <4.8.4

Patches

Vulnerability mechanics

References

5

News mentions

0

No linked articles in our index yet.