[MEDIUM] REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation

PKSA-76dy-z23y-9p4c CVE-2025-27412 GHSA-8366-xmgf-334f

Affected package: redaxo/source

Affected version: >=5.0.0,<5.18.3

Reported by:
GitHub