Lucene search
+L

5 matches found

NVD
NVD
added 2025/03/05 4:15 p.m.16 views

CVE-2025-27412

REDAXO is a PHP-based CMS. In Redaxo from 5.0.0 through 5.18.2, the rex-api-result parameter is vulnerable to Reflected cross-site scripting XSS on the page of AddOns. This vulnerability is fixed in 5.18.3...

6.1CVSS0.00266EPSS
Exploits1References1
Cvelist
Cvelist
added 2025/03/05 3:53 p.m.16 views

CVE-2025-27412 REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation

REDAXO is a PHP-based CMS. In Redaxo from 5.0.0 through 5.18.2, the rex-api-result parameter is vulnerable to Reflected cross-site scripting XSS on the page of AddOns. This vulnerability is fixed in 5.18.3...

6.1CVSS0.00266EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/03/05 3:53 p.m.9 views

CVE-2025-27412 REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation

REDAXO is a PHP-based CMS. In Redaxo from 5.0.0 through 5.18.2, the rex-api-result parameter is vulnerable to Reflected cross-site scripting XSS on the page of AddOns. This vulnerability is fixed in 5.18.3...

6.1CVSS6AI score0.00266EPSS
Exploits1References1
CVE
CVE
added 2025/03/05 3:53 p.m.102 views

CVE-2025-27412

CVE-2025-27412 concerns the REDAXO PHP-based CMS. Versions 5.0.0 through 5.18.2 expose a reflected XSS vulnerability in the rex-api-result parameter on the AddOns page. The issue allows an attacker to inject malicious scripts via crafted input, potentially affecting affected administrator session...

6.1CVSS6AI score0.00266EPSS
Exploits1References1Affected Software1
Circl
Circl
added 2025/03/05 9:3 a.m.14 views

CVE-2025-27412

creationtimestamp| type| source ---|---|--- 2025-03-05 09:03:49+00:00| published-proof-of-concept| https://github.com/redaxo/core/security/advisories/GHSA-8366-xmgf-334f 2025-03-05 16:32:21+00:00| seen| https://t.me/DarkWebInformerCVEAlerts/6557 2025-03-05 18:36:58+00:00| seen|...

6.1CVSS5.7AI score0.00266EPSS
Exploits1References4
Rows per page
Query Builder