Listen to this Post
The vulnerability (CVE-2025-XXXXX) resides within the DotNetNuke.Core Scheduler logging functionality. Attackers with permission to create or manage scheduled tasks (typically administrators or users with specific module editing rights) can inject malicious JavaScript code into the LogNotes field. This field accepts rich text input intended for task execution logs. When an administrator later views the Scheduler’s task history via the PersonaBar administration dashboard, the application insecurely renders the stored LogNotes content without proper output encoding or sanitization. The injected script is served from the trusted application context and executes within the victim administrator’s session. This allows complete compromise of the admin account, enabling session theft, credential harvesting, or further platform compromise, as the attack payload is persistently stored on the server and triggered upon viewing.
Platform: DNN Platform
Version: 9.0.0-9.13.9
Vulnerability : Stored XSS
Severity: High
date: 2026-01-27
Prediction: Patch released.
What Undercode Say:
Analytics:
curl -s https://api.github.com/advisories | jq '.[] | select(.package.slug=="dnnsoftware/dnn.platform") | .severity, .vulnerable_version_range' grep -r "LogNotes" /path/to/dnn/Install/ --include=".cs" | head -5
How Exploit:
- Attacker with scheduler edit privileges creates/modifies a task.
2. Injects `` into LogNotes field.
- Saves the task, causing execution and payload storage in database.
- Admin views PersonaBar > Scheduler > Task History.
5. Stored script executes in admin’s browser session.
Protection from this CVE:
Update to patched version DNN Platform 10.02.0 immediately. Implement strict output encoding (HTML Encoding) for all user-controlled data rendered in the PersonaBar interface. Apply Content Security Policy (CSP) headers to mitigate impact of successful injections.
Impact:
Admin session compromise, Full application control, Data theft.
🎯Let’s Practice Exploiting & Learn Patching For Free:
Sources:
Reported By: github.com
Extra Source Hub:
Undercode

