CNNVD-202511-2748 Information
Nov 25, 2025
cve
CNNVD ID
CNNVD-202511-2748
Related CVE
- CNNVD Published: 2025-11-25
Description (Chinese)
REDAXO是REDAXO开源的一个内容管理系统。 REDAXO 5.20.0版本存在安全漏洞,该漏洞源于模块管理组件中Output code字段处理不当,可能导致存储型跨站脚本攻击。
Description (English)
REDDAXO is an open-source content management system for REDDAXO. There is a security gap in version 5.2.0 of REDAXO, which stems from the inappropriate handling of the Output code fields in the module management component, which may result in a storage-type cross-site script attack.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Redaxo
Published
2025-11-25
Last Modified
2026-02-24
References
https://github.com/redaxo/redaxo https://drive.google.com/drive/folders/1SpwL548ZBRYU_uL8W7Riv7VHshr2UN0R?usp=sharing https://github.com/vettrivel007/CVE-Disclosures/blob/main/CVE-2025-64049.md https://access.redhat.com/security/cve/cve-2025-64049
Patch
https://github.com/redaxo/redaxo/releases
Share on: