If you discover a security issue with REDAXO or a related package, please contact us
via info {at} redaxo.org instead of using a public channel. That way we can work on
a fix together before everyone knows how to exploit a potential issue. Thank you!
Security: redaxo/redaxo
Security
SECURITY.md
-
Reflected XSS in Mediapool Info Banner via args[types]GHSA-x6vr-q3vf-vqgq published
Nov 25, 2025 by gharlanModerate -
Arbitrary File Upload in mediapool pageGHSA-wppf-gqj5-fc4f published
Mar 5, 2025 by gharlanModerate -
Authenticated Reflected Cross Site Scripting - packages installationGHSA-8366-xmgf-334f published
Mar 5, 2025 by gharlanModerate -
Stored XSS on REDAXO 5.18.1 - Article / "content/edit"GHSA-7wj8-856p-qc9m published
Feb 10, 2025 by gharlanModerate
Learn more about advisories related to redaxo/redaxo in the GitHub Advisory Database