CVE-2024-13209 — Redaxo CMS 5.18.1 Cross Site Scripting

George Chen
Dec 19, 2024


Vulnerability

Stored XSS on REDAXO 5.18.1 — Article / “content/edit”

On the latest version of Redaxo, v5.18.1, the article name field is susceptible to stored XSS.

If a user creates an article name (i.e. /redaxo/index.php?page=structure&category_id=1&article_id=1&clang=1&function=edit_art&artstart=0) using an XSS payload such as “<BODY ONLOAD=alert('XSS!')>”, the XSS executes.
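The vulnerable and hardened output patterns for a stored name like the one above, as an added PHP example that is not Redaxo's code or the author's. The function names and sample article names are hypothetical, and `name_needs_review` goes one step beyond the write-up by flagging names that were stored before output encoding was in place.

```php
<?php
declare(strict_types=1);

// Added example: hypothetical helper names, constructed sample data.

// Vulnerable pattern: the stored name is concatenated into markup as-is.
function render_title_unsafe(string $name): string
{
    return '<h1>' . $name . '</h1>';
}

// Hardened pattern: encode for the HTML context at output time.
function render_title_safe(string $name): string
{
    $flags = ENT_QUOTES | ENT_SUBSTITUTE | ENT_HTML5;
    return '<h1>' . htmlspecialchars($name, $flags, 'UTF-8') . '</h1>';
}

// Audit heuristic for names already in the database: flag angle brackets
// or an event-handler style attribute. Entities are decoded first so an
// entity-encoded copy of the same markup is flagged too.
function name_needs_review(string $name): bool
{
    $decoded = html_entity_decode($name, ENT_QUOTES | ENT_HTML5, 'UTF-8');
    return preg_match('/[<>]|\bon[a-z]+\s*=/i', $decoded) === 1;
}

// Constructed sample rows (article id => stored name).
$storedNames = [
    1 => 'Home',
    2 => "<BODY ONLOAD=alert('XSS!')>", // payload quoted in the write-up
    3 => 'Pricing & Plans',
];

foreach ($storedNames as $id => $name) {
    printf(
        "article %d: review=%s\n  unsafe: %s\n  safe:   %s\n",
        $id,
        name_needs_review($name) ? 'yes' : 'no',
        render_title_unsafe($name),
        render_title_safe($name)
    );
}
```

Encoding at output leaves the stored value untouched, so any name the audit flags still has to be cleaned or confirmed as legitimate.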


Impact

A malicious actor can easily steal cookies using this stored XSS and perform a session hijacking attack.

Disclosure

Informed the Redaxo team via email and GitHub.


Written by George Chen

George is the Head of CloudSec and AppSec at Dyson. He's passionate about cyber innovation and has filed over 50 cybersecurity patents.
