CVE-2025-48376 – DNN External URL Site Export RCE

May 23, 2025

CVE ID : CVE-2025-48376

Published : May 23, 2025, 4:15 p.m. | 2 hours, 37 minutes ago

Description : DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Prior to version 9.13.9, a malicious SuperUser (Host) could craft a request to use an external url for a site export to then be imported. Version 9.13.9 fixes the issue.

Severity: 3.5 | LOW

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Source: Read More

Previous ArticleCVE-2025-48377 – DNN Cross-Site Scripting Vulnerability

Next Article CVE-2025-48375 – Schule Open-Source School Management System OTP Email Flooding Vulnerability

A Week In The Life Of An AI-Augmented Designer

This week in AI updates: Gemini Code Assist Agent Mode, GitHub’s Agents panel, and more (August 22, 2025)

Microsoft adds Copilot-powered debugging features for .NET in Visual Studio

Blackstone portfolio company R Systems Acquires Novigo Solutions, Strengthening its Product Engineering and Full-Stack Agentic-AI Capabilities

I found the ultimate MacBook Air alternative for Windows users – and it’s priced well

Outdated IT help desks are holding businesses back – but there is a solution

Android’s latest update can force apps into dark mode – how to see it now

I tried the Google Pixel Watch 4 – and these key features made it feel indispensable

Building Cross-Platform Alerts with Laravel’s Notification Framework

Building Cross-Platform Alerts with Laravel’s Notification Framework

Add Notes Functionality to Eloquent Models With the Notable Package

How to install OpenPlatform — IoT platform

Basics of Digital Forensics

Basics of Digital Forensics

Top Linux Server Automation Tools: Simplifying System Administration

Rising from the Ashes: How AlmaLinux and Rocky Linux Redefined the Post-CentOS Landscape

CVE-2025-48376 – DNN External URL Site Export RCE

“What happens online stays online” and other cyberbullying myths, debunked

The need for speed: Why organizations are turning to rapid, trustworthy MDR

Tracking the Best Expert Privately

Mastering flex-grow in CSS: Let Your Layouts Breathe!

Maximize Financial Efficiency with a Google Sheets Financial Extension: A Smart Solution for Managing Cash Flow Issues

CVE-2025-5292 – Elementor Element Pack Addons Stored Cross-Site Scripting Vulnerability

CVE-2025-20988 – Qualcomm Fingerprint Trustlet OOB Read Vulnerability

Ongoing Attacks Exploit GeoServer RCE Flaw (CVE-2024-36401) to Install NetCat and XMRig CoinMiner

CVE-2025-46400 – Fig2dev ArcObject Segmentation Fault Vulnerability

CVE-2025-5943 – MicroDicom DICOM Viewer Out-of-Bounds Write Remote Code Execution Vulnerability

CVE-2025-48376 – DNN External URL Site Export RCE

Related Posts