[MEDIUM] REDAXO CMS is vulnerable to Reflected XSS in Mediapool Info Banner via args[types]

PKSA-dcqq-vjpq-jyz4 CVE-2025-66026 GHSA-x6vr-q3vf-vqgq

Affected version: <5.20.1

Reported by:
GitHub

[MEDIUM] REDAXO CMS is vulnerable to XSS through its module management component

PKSA-wmbc-n846-7h2f CVE-2025-64049 GHSA-vqc7-7fj4-3fm3

Affected version: <5.20.1

Reported by:
GitHub

[HIGH] REDAXO CMS is vulnerable to RCE attack through its template management component

PKSA-wnfn-tqc3-fmcx CVE-2025-64050 GHSA-xj9j-gjxg-7jvq

Affected version: <5.20.1

Reported by:
GitHub