elmsln/haxcms Security Advisories (4)
-
[HIGH] HAX CMS API Lacks Authorization Checks
PKSA-4nk3-12nx-g3f7 CVE-2025-54378 GHSA-9jr9-8ff3-m894
Affected version: <11.0.14
Reported by:
GitHub -
[MEDIUM] HAX CMS application pages vulnerable to clickjacking
PKSA-c643-15gb-71h6 CVE-2025-54139 GHSA-54vw-f4xf-f92j
Affected version: <11.0.8
Reported by:
GitHub -
[MEDIUM] HAX CMS vulnerable to Local File Inclusion via saveOutline API Location Parameter
PKSA-55mh-q49p-tqr3 CVE-2025-49138 GHSA-hxrr-x32w-cg8g
Affected version: <11.0.0
Reported by:
GitHub -
[HIGH] Hax CMS Stored Cross-Site Scripting vulnerability
PKSA-5myq-vgd8-dphs CVE-2025-49137 GHSA-2vc4-3hx7-v7v7
Affected version: <11.0.0
Reported by:
GitHub