GHSA-8366-XMGF-334F REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation

Summary Reflected cross-site scripting XSS is a type of web vulnerability that occurs when a web application fails to properly sanitize user input, allowing an attacker to inject malicious code into the application's response to a user's request. When the user's browser receives the response, the...

PT-2025-9840 · Redaxo · Redaxo

Name of the Vulnerable Software and Affected Versions: REDAXO versions 5.0.0 through 5.18.2 Description: The issue concerns a Reflected cross-site scripting XSS vulnerability in the rex-api-result parameter on the AddOns page. Recommendations: For versions 5.0.0 through 5.18.2, update to version...

PT-2025-9839 · Redaxo · Redaxo

Name of the Vulnerable Software and Affected Versions: Redaxo versions prior to 5.18.3 Description: The issue concerns arbitrary file upload in the mediapool/media page of the Redaxo CMS. This vulnerability has been fixed in version 5.18.3. Recommendations: For versions prior to 5.18.3, update to...