DotNetNuke 9.5 File Path Information Disclosure (CVE-2020-11585 )

Overview Discoverer: Connor NeffVendor & Product: DotNetNukeVersion: 9.5CVE Number: CVE-2020-11585 Introduction There is an information disclosure issue in DotNetNuke CMS (DNN) v.9.5 within the built in Message Center Module. A registered user is able to enumerate any file in the Admin File Manager that is not contained in a secure folder by sending themselves a … Continue reading DotNetNuke 9.5 File Path Information Disclosure (CVE-2020-11585 )