← Back to CVE List
CVE-2019-19392
The forDNN.UsersExportImport module before 1.2.0 for DNN (formerly DotNetNuke) allows an unprivileged user to import (create) new users with Administrator privileges, as demonstrated by Roles="Administrators" in XML or CSV data.
> MITRE Terms of Use apply – see LICENSE‑MITRE.txt