I inherited this DNN site from an employee who left the company. Now, our security team has identified critical XSS Vulnerabilities. The first of which is on our home page where the ctl querystring parameter can be exploited.
.../Default.aspx?tabid=36&ctl=Terms
How do we configure DNN to prevent XSS attacks / prevent reflected strings allowing script tags to be passed through the system and rendered in the browser?
Do you offer a new version that prevents these issues? Where can I check the release notes for newer versions?