XSS Vulnerability in DNN Platform Affects Administrators and Editors
CVE-2025-59546

2.4LOW

Key Information:

Vendor: Dnnsoftware
Status: Dnn.platform
Vendor: CVE Published:; 23 September 2025

🔔 Create Dnnsoftware Vulnerability Alert

What is CVE-2025-59546?

An issue has been identified in the DNN Platform where prior to version 10.1.0, administrators and content editors could manipulate module titles to include untrusted HTML and JavaScript code. This vulnerability exposes the system to potential Cross-Site Scripting (XSS) attacks, enabling malicious actors to execute harmful scripts in users' browsers. This critical issue has been resolved in the 10.1.0 release, reinforcing the platform's security against such exploitation.

Human OS v1.0:
Ageing Is an Unpatched Zero-Day Vulnerability.

Remediate biological technical debt. Prime Ageing uses 95% high-purity SIRT6 activation to maintain genomic integrity and bolster systemic resilience.

Deploy the Patch

Affected Version(s)

Dnn.Platform < 10.1.0

References

https://github.com/dnnsoftware/Dnn.Platform/security/advi...

x_refsource_CONFIRM

CVSS V3.1

Score:

2.4

Severity:

LOW

Confidentiality:

None

Integrity:

Low

Availability:

None

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

High

User Interaction:

Required

Scope:

Unchanged

Timeline

Vulnerability published
Sep 23, 2025
Vulnerability Reserved
Sep 17, 2025

JSON

Dnnsoftware