redaxo/source Security Advisories for 5.20.1 (3)
-
[LOW] REDAXO has reflected XSS backend packages API via function parameter (CSRF token required)
PKSA-ps7n-211c-nz3j GHSA-xq4j-g85q-wf97
Affected version: <5.21.0
Reported by:
GitHub -
[LOW] REDAXO has reflected XSS in backend Metainfo API via type parameter (CSRF token required)
PKSA-4w67-7bxw-yj96 GHSA-m662-8jrj-cw6v
Affected version: <5.21.0
Reported by:
GitHub -
[HIGH] Redaxo has Path Traversal in Backup Addon Leading to Arbitrary File Read
PKSA-h8yt-8rph-k3h8 CVE-2026-21857 GHSA-824x-88xg-cwrv
Affected version: <=5.20.1
Reported by:
GitHub