Published: May 19, 2009
Version: 1.0
Maximum Severity Rating: Low
Background
If an error occurs whilst DotNetNuke is being installed, the custom error handling system may not yet be in place, so a redirect is performed to a dedicated error handling page.
Issue Summary
The error handling page optionally reads back a querystring parameter that may contain additional error information. Whilst this parameter is typically encoded, an invalid tag could be used to bypass the filter, potentially leading to unencoded content being echoed to the screen, which could allow script or HTML injection.
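An added illustration (not DotNetNuke's code) of why a tag-stripping filter of the kind described above is weaker than unconditionally encoding the parameter before it is written to the page: the regex filter, the encoder and the sample parameter values below are all constructed for this example, and the output check is the test a reviewer would apply to whatever the page is about to echo.

```python
import html
import re

# A typical "strip tags" filter of the kind an error page might apply before
# echoing a querystring parameter. It only matches well-formed, closed tags.
TAG_RE = re.compile(r"<\s*/?\s*[A-Za-z][^>]*>")


def filter_tags(value: str) -> str:
    """Blacklist approach: remove anything that looks like a complete tag."""
    return TAG_RE.sub("", value)


def encode_output(value: str) -> str:
    """Encoding approach: escape every HTML metacharacter so the browser
    can never interpret the parameter as markup, well-formed or not."""
    return html.escape(value, quote=True)


def is_safe_for_html_body(rendered: str) -> bool:
    """Check applied to text about to be written into the page body:
    no raw markup metacharacters may remain."""
    return not any(c in rendered for c in "<>\"'")


# Constructed sample parameter values (not taken from the advisory).
SAMPLES = {
    "plain": "Could not write web.config",
    "well_formed": "Error <b>in</b> module install",
    "invalid_tag": 'Error <b title="unterminated in module install',
}


def compare(value: str) -> dict:
    """Run both approaches over one value and report whether each output
    would still be safe to echo into an HTML page."""
    filtered = filter_tags(value)
    encoded = encode_output(value)
    return {
        "filter_safe": is_safe_for_html_body(filtered),
        "encode_safe": is_safe_for_html_body(encoded),
        "filtered": filtered,
        "encoded": encoded,
    }


if __name__ == "__main__":
    for name, value in SAMPLES.items():
        r = compare(value)
        print(f"{name}: filter_safe={r['filter_safe']} encode_safe={r['encode_safe']}")
```

The unterminated tag is never matched by the filter, so a raw `<` reaches the page; the encoder neutralises every sample regardless of whether the markup is valid.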
Mitigating factors
N/A
Affected DotNetNuke versions
4.0 - 4.9.3 inclusive.
Non-Affected Versions:
N/A
Fix(s) for issue
To fix this problem, it is recommended that you update to the latest version of DotNetNuke (4.9.4 at the time of writing).
Acknowledgments
Ben Hawkes - Lateral Security (www.lateralsecurity.com)
Security Policy
More details are available in the DotNetNuke Security Policy.