Reflected Cross-Site Scripting (XSS) in module actions in edit mode
A specially crafted URL may be constructed which can inject an XSS payload that is triggered by using some module actions.
Advisories for Nuget/DotNetNuke.Web package
2025
2022
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Relative Path Traversal in GitHub repository dnnsoftware/dnn.platform prior to 9.11.0.