CVE-2026-40305 in Dnn.PlatformИнформация

Сводка

по MITRE • 18.04.2026

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Starting in version 6.0.0 and prior to version 10.2.2, in the friends feature, a user could craft a request that would force the acceptance of a friend request on another user. Version 10.2.2 patches the issue.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Ответственный

GitHub M

Резервировать

10.04.2026

Раскрытие

18.04.2026

Модерация

принято

Вход

VDB-358116

CPE

готов

CWE

CWE-285 (Подтверждённый)

CVSS

4.3 (CNA)

EPSS

0.00034

KEV

Нет

Деятельности

Очень низкий

Источники

MITRE	https://www.cve.org/CVERecord?id=CVE-2026-40305
NVD	https://nvd.nist.gov/vuln/detail/CVE-2026-40305
CVE Details	https://www.cvedetails.com/cve/CVE-2026-40305/

◂ Предыдущий Обзор Далее ▸

Do you need the next level of professionalism?

Upgrade your account now!