Archived blog with a focus on DotNetNuke news, tips and tricks, DNN SEO, and insights and opinions about the DNN community at large.

First time here? You may want to check out the blog archive, subscribe to the RSS feed, sign up for free email updates, or follow me on Twitter. Thanks for visiting!

Securing the DNN Forum 

Posted on Wed Apr 04, 2007 by Tom Kraak
In: DotNetNuke, DNN News, DNN Tips & Tricks | 1 Comments

It has been brought to my attention that the DNN forum module is susceptible to a cross-site scripting exploit. Since I've never used the module myself I cannot validate these claims. However, for the sake of “better safe than sorry,” I encourage anybody using the module to head over to Mitchel Sellers’ blog where he provides step-by-step instructions on how to secure the forum module until a permanent fix is in place.

I have not seen anything on dotnetnuke.com in regards to the issue. Have you?




Comments

Mitchel Sellers Thursday, April 05, 2007 at 8:57 AM Mitchel Sellers says:

TO add a bit to this, the issue will be resolved with 4.5 security updates, however if running a previous version I strongly recommend making my listed changes to protect yourself. If there are any specific questions, please e-mail me directly and do not post specifics here or on my site as the issue is in my opinion fairly major and we do not need details being made public.

Comments are closed

Subscribe to our Feeds Follow on Twitter