GHSA-8366-xmgf-334f

Source
https://github.com/advisories/GHSA-8366-xmgf-334f
Import Source
https://github.com/github/advisory-database/blob/main/advisories/github-reviewed/2025/03/GHSA-8366-xmgf-334f/GHSA-8366-xmgf-334f.json
JSON Data
https://api.osv.dev/v1/vulns/GHSA-8366-xmgf-334f
Aliases
Published
2025-03-05T19:03:08Z
Modified
2025-03-05T19:27:11.520944Z
Severity
  • 6.1 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
Summary
REDAXO allows Authenticated Reflected Cross Site Scripting - packages installation
Details

Summary

Reflected cross-site scripting (XSS) is a type of web vulnerability that occurs when a web application fails to properly sanitize user input, allowing an attacker to inject malicious code into the application's response to a user's request. When the user's browser receives the response, the malicious code is executed, potentially allowing the attacker to steal sensitive information or take control of the user's account.

Details

On the latest version of Redaxo, v5.18.2, the rex-api-result parameter is vulnerable to reflected cross-site scripting (XSS) on the AddOns page.

PoC

  1. Log in to Redaxo as an administrative user.
  2. Navigate to the URL http://localhost/redaxo/index.php?page=packages&rex-api-call=package&&rex-api-result={%22succeeded%22%3Atrue%2C%22message%22%3A%22%3Cimg%20src=x%20onerror=alert(document.domain);%3E%22} and the XSS executes.

Impact

This can lead to various security risks, including session hijacking, phishing attacks and malware distribution. The History page is visible to administrative users, and when an administrator views the infected page, the attacker may gain elevated privileges, further compromising the system.
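
A log check for requests of this shape, as an added example that is not part of the advisory or of REDAXO's code: it scans web-server access lines for rex-api-result values whose decoded JSON strings contain angle brackets. The log lines are constructed, the function names are hypothetical, and the rule that a legitimate result message carries no `<` or `>` is an assumption.

```python
import json
import re
from urllib.parse import parse_qs, urlsplit

# Constructed access-log lines; addresses, timestamps and sizes are made up.
# The first request path is the URL from the PoC above.
SAMPLE_LOG = [
    '203.0.113.7 - - [14/Feb/2025:13:45:02 +0000] "GET /redaxo/index.php?page=packages'
    '&rex-api-call=package&&rex-api-result={%22succeeded%22%3Atrue%2C%22message%22%3A'
    '%22%3Cimg%20src=x%20onerror=alert(document.domain);%3E%22} HTTP/1.1" 200 5120',
    '198.51.100.20 - - [14/Feb/2025:13:46:10 +0000] "GET /redaxo/index.php?page=packages'
    '&rex-api-call=package&rex-api-result=%7B%22succeeded%22%3Atrue%2C%22message%22%3A'
    '%22AddOn%20installed%22%7D HTTP/1.1" 200 4870',
    '198.51.100.20 - - [14/Feb/2025:13:46:30 +0000] "GET /redaxo/index.php?page=packages HTTP/1.1" 200 4801',
]
REQUEST = re.compile(r'^(\S+) .*?"(?:GET|POST) (\S+) HTTP/[\d.]+"')
MARKUP = re.compile(r"[<>]")  # assumption: a legitimate result message has no angle brackets

def strings_in(value):
    """Yield every string found anywhere in a decoded JSON value."""
    if isinstance(value, str):
        yield value
    elif isinstance(value, dict):
        for item in value.values():
            yield from strings_in(item)
    elif isinstance(value, list):
        for item in value:
            yield from strings_in(item)

def flag_line(line):
    """Return (client, offending_text) when rex-api-result carries markup, else None."""
    match = REQUEST.match(line)
    if not match:
        return None
    client, target = match.groups()
    params = parse_qs(urlsplit(target).query, keep_blank_values=True)
    for raw in params.get("rex-api-result", []):
        try:
            candidates = list(strings_in(json.loads(raw)))
        except ValueError:
            candidates = [raw]  # not JSON: inspect the percent-decoded value itself
        for text in candidates:
            if MARKUP.search(text):
                return client, text
    return None

def scan(lines):
    """Return the flagged (client, offending_text) pairs, in log order."""
    return [hit for hit in map(flag_line, lines) if hit]
```

Because the request only does harm when a logged-in administrator opens the link, a hit is most useful when correlated with the Referer and the session that issued it.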

Database specific
{
    "nvd_published_at": "2025-03-05T16:15:40Z",
    "cwe_ids": [
        "CWE-79"
    ],
    "severity": "MODERATE",
    "github_reviewed": true,
    "github_reviewed_at": "2025-03-05T19:03:08Z"
}

Affected packages

Packagist / redaxo/source

Package

Name
redaxo/source
Purl
pkg:composer/redaxo/source

Affected ranges

Type
ECOSYSTEM
Events
Introduced
5.0.0
Fixed
5.18.3

Affected versions

5.*

5.10.0-beta1
5.10.0-beta2
5.10.0
5.10.1
5.11.0-beta1
5.11.0
5.11.1
5.11.2
5.12.0-beta1
5.12.0-beta2
5.12.0-beta3
5.12.0
5.12.1
5.13.0-beta1
5.13.0-beta2
5.13.0
5.13.1
5.13.2
5.13.3
5.14.0-beta1
5.14.0-beta2
5.14.0
5.14.1
5.14.2
5.14.3
5.15.0-beta1
5.15.0
5.15.1
5.16.0-beta1
5.16.0
5.16.1
5.17.0
5.17.1
5.18.0
5.18.1
5.18.2