pkg:Packagist/redaxo/source

11 total CVEsHIGH2MEDIUM6

✅ Check your installed version

All known vulnerabilities

  • HIGH7.2CVE-2025-64050REDAXO CMS is vulnerable to RCE attack through its template management component
    from 0, < 5.20.1
  • HIGH7.2CVE-2024-25298Code injection in REDAXO
    from 0, <= 5.15.1
  • MEDIUM6.1CVE-2025-66026REDAXO CMS is vulnerable to Reflected XSS in Mediapool Info Banner via args[types]
    from 0, < 5.20.1
  • MEDIUM6.1CVE-2025-27412REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation
    >= 5.0.0, < 5.18.3
  • MEDIUM5.4CVE-2025-27411REDAXO allows Arbitrary File Upload in the mediapool page
    from 0, < 5.18.3
  • MEDIUM5.4CVE-2024-13209Stored XSS in REDAXO
    >= 5.12.0-beta1, < 5.18.2
  • MEDIUM4.9CVE-2024-46212Path traversal in redaxo
    from 0, <= 5.17.1
  • MEDIUM4.8CVE-2025-64049REDAXO CMS is vulnerable to XSS through its module management component
    from 0, < 5.20.1
  • CVE-2026-21857Redaxo has Path Traversal in Backup Addon Leading to Arbitrary File Read
    from 0, < 5.20.2
  • CVE-2024-46209REDAXO CMS Cross-site Scripting vulnerability
    from 0, <= 5.17.1
  • CVE-2024-50803Redaxo Core CMS Cross Site Scripting (XSS)
    from 0, < 5.18.0