CVE-2025-32374 MEDIUM

CVE-2025-32374: Possible Denial of Service (DoS) in DNN.PLATFORM registration

Vendor Dnnsoftware
Product Dnn.Platform
Weakness CWE-770 · Uncontrolled resource consumption
Published April 9, 2025
Last update April 9, 2025

CVSS base score

5.9/10
Attack vector Network
Attack complexity High
Privileges required None
User interaction None
Confidentiality None
Integrity None

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

What the vulnerability does

01Description

DNN (formerly DotNetNuke) is an open-source web content management platform (CMS) in the Microsoft ecosystem. Possible denial of service with specially crafted information in the public registration form. This vulnerability is fixed in 9.13.8.

Key dates

02Disclosure timeline

April 9, 2025 CVE published
April 9, 2025 Record updated