CNNVD-202511-2912 Information

CNNVD ID

CNNVD-202511-2912

Related CVE

CVE-2025-66026

• CNNVD Published: 2025-11-26

Description (Chinese)

REDAXO是REDAXO开源的一个内容管理系统。 REDAXO 5.20.1之前版本存在安全漏洞，该漏洞源于Mediapool视图中反射型跨站脚本，可能导致任意JavaScript执行。

Description (English)

REDDAXO is an open-source content management system for REDDAXO. There was a security loophole in the pre-REDAXO 5.20.1 version, which originated in a cross-site reflecting script in Mediapool view, which could lead to arbitrary JavaScript execution.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Redaxo

Published

2025-11-26

Last Modified

2026-02-24

References

https://github.com/redaxo/redaxo/security/advisories/GHSA-x6vr-q3vf-vqgq https://github.com/redaxo/redaxo/commit/58929062312cf03e344ab04067a365e6b6ee66aa https://access.redhat.com/security/cve/cve-2025-66026

Patch

https://github.com/redaxo/redaxo/releases