Browse all 6 CVE security advisories affecting redaxo. AI-powered Chinese analysis, POCs, and references for each vulnerability.
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2016-20053 | Redaxo CMS 5.2 Cross-Site Request Forgery via users endpoint — Redaxo CMSCWE-352 | 5.3 | Medium | 2026-04-04 |
| CVE-2026-21857 | Redaxo has Path Traversal in Backup Addon Leading to Arbitrary File Read — redaxoCWE-24 | 6.5 | - | 2026-01-07 |
| CVE-2025-66026 | REDAXO is Vulnerable to Reflected XSS in Mediapool Info Banner via args[types] — redaxoCWE-79 | 6.1 | Medium | 2025-11-26 |
| CVE-2025-27412 | REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation — redaxoCWE-79 | 6.1 | Medium | 2025-03-05 |
| CVE-2025-27411 | REDAXO allows Arbitrary File Upload in the mediapool page — redaxoCWE-434 | 5.4 | Medium | 2025-03-05 |
| CVE-2024-13209 | Redaxo CMS Structure Management Page index.php cross site scripting — CMSCWE-79 | 2.4 | Low | 2025-01-09 |
This page lists every published CVE security advisory associated with redaxo. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.