High severityCISA KEVNVD Advisory· Published Jul 3, 2019· Updated Oct 21, 2025
CVE-2018-15811
CVE-2018-15811
Description
DNN (aka DotNetNuke) 9.2 through 9.2.1 uses a weak encryption algorithm to protect input parameters.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
DotNetNuke.CoreNuGet | >= 9.2.0, < 9.2.2 | 9.2.2 |
Affected products
1- DotNetNuke/DNNdescription
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
5- github.com/advisories/GHSA-h595-8pw6-5q6vghsaADVISORY
- nvd.nist.gov/vuln/detail/CVE-2018-15811ghsaADVISORY
- packetstormsecurity.com/files/157080/DotNetNuke-Cookie-Deserialization-Remote-Code-Execution.htmlghsax_refsource_MISCWEB
- www.cisa.gov/known-exploited-vulnerabilities-catalogghsaWEB
- www.dnnsoftware.com/community/security/security-centerghsax_refsource_MISCWEB
News mentions
0No linked articles in our index yet.