DNN (DotNetNuke) before 9.2.0 Vulnerability: Server-Side Request Forgery (SSRF) in DnnImageHandler

DNN (DotNetNuke) before 9.2.0 Vulnerability: Server-Side Request Forgery (SSRF) in DnnImageHandler

CVE-2017-0929 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:N

DNN (aka DotNetNuke) before 9.2.0 suffers from a Server-Side Request Forgery (SSRF) vulnerability in the DnnImageHandler class. Attackers may be able to access information about internal network resources.

Learn more about our Cis Benchmark Audit For Server Software.