modx/revolution Security Advisories for v2.7.2-pl (3)
-
[LOW] MODX allows cross-site scripting (XSS) via an SVG file
PKSA-xzqv-w6dn-tnz5 CVE-2025-28010 GHSA-hm54-fg2w-2g6j
Affected version: <=3.1.0
Reported by:
GitHub -
[HIGH] Unrestricted Upload of File with Dangerous Type in MODX Revolution
PKSA-742p-bz18-z52m CVE-2022-26149 GHSA-j8jp-9x42-4pj5
Affected version: <=2.8.3-pl
Reported by:
GitHub -
[CRITICAL] XML External Entity vulnerability in MODX CMS
PKSA-bqwv-kpq3-qmj9 CVE-2020-25911 GHSA-vhfp-9wvj-gwvg
Affected version: <2.8.0
Reported by:
GitHub