CVE-2018-18325

DotNetNuke (DNN) contains an inadequate encryption strength vulnerability resulting from the use of a weak encryption algorithm to protect input parameters. This CVE ID resolves an incomplete patch for CVE-2018-15811. Vendor/Product: DotNetNuke (DNN) DotNetNuke (DNN). Added to CISA KEV 2021-11-03; required action: Apply updates per vendor instructions.