CVE-2024-13209 — Redaxo CMS 5.18.1 Cross Site Scripting

George Chen
Dec 19, 2024

Vulnerability

Stored XSS on REDAXO 5.18.1 — Article / “content/edit”

On the latest version of Redaxo, v5.18.1, the article name field is susceptible to stored XSS.

If a user creates an article name (i.e. via /redaxo/index.php?page=structure&category_id=1&article_id=1&clang=1&function=edit_art&artstart=0) using an XSS payload such as “<BODY ONLOAD=alert('XSS!')>”, the XSS executes.

Impact

A malicious actor can easily steal cookies using this stored XSS and perform a session hijacking attack.
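
The fix for this class of bug is to encode the stored article name when it is written into HTML. The following is an added example, not code from the original post or from REDAXO; the function names and the sample list of names are hypothetical, and it shows the unencoded pattern beside the encoded one using the payload quoted above.

```php
<?php
declare(strict_types=1);

// Added example, not REDAXO code. Function names are hypothetical.
// Constructed sample of stored article names; the second entry is the
// payload quoted in the write-up.
$storedNames = ['Home', "<BODY ONLOAD=alert('XSS!')>"];

// Encode for HTML text and quoted-attribute contexts at output time.
function encodeForHtml(string $value): string
{
    return htmlspecialchars($value, ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5, 'UTF-8');
}

// Vulnerable pattern: the stored name is concatenated into markup unchanged,
// so any tag or event handler in it becomes part of the page.
function renderNameUnsafe(string $name): string
{
    return '<a title="' . $name . '">' . $name . '</a>';
}

// Hardened pattern: same markup, every interpolation encoded.
function renderNameSafe(string $name): string
{
    $e = encodeForHtml($name);
    return '<a title="' . $e . '">' . $e . '</a>';
}

// Audit helper: a name that changes under encoding contains
// HTML-significant characters and deserves a look.
function needsReview(string $name): bool
{
    return encodeForHtml($name) !== $name;
}

foreach ($storedNames as $name) {
    printf(
        "unsafe: %s\nsafe:   %s\nreview: %s\n\n",
        renderNameUnsafe($name),
        renderNameSafe($name),
        needsReview($name) ? 'yes' : 'no'
    );
}
```

Marking the session cookie HttpOnly limits the cookie theft described under Impact, but it does not remove the XSS itself.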

Disclosure

Informed the Redaxo team via email and GitHub.

Written by George Chen

George is the Head of CloudSec and AppSec at Dyson. He's passionate about cyber innovation and has filed over 50 cybersecurity patents.
