Secunia Security Advisory – Multiple vulnerabilities have been reported in DotNetNuke, which can be exploited by malicious users to disclose potentially sensitive information and by malicious people to disclose potentially sensitive information and conduct cross-site scripting and cross-site request forgery attacks.
You can download this advisory from the following link: https://packetstormsecurity.com/files/download/91104/sa39862.txt
Source: https://packetstormsecurity.com/files/91104/Secunia-Security-Advisory-39862.html