Vulnerabilities > Redaxo > Redaxo > 5.6.3
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2018-10-09 | CVE-2018-18200 | SQL Injection vulnerability in Redaxo There is a SQL injection in Benutzerverwaltung in REDAXO before 5.6.4. | 7.5 |
2018-10-09 | CVE-2018-18199 | Cross-site Scripting vulnerability in Redaxo Mediamanager in REDAXO before 5.6.4 has XSS. | 4.3 |
2018-10-09 | CVE-2018-18198 | Cross-site Scripting vulnerability in Redaxo 5.6.3 The $opener_input_field variable in addons/mediapool/pages/index.php in REDAXO 5.6.3 is not effectively filtered and is output directly to the page. | 4.3 |