CVE-2025-66026 | Redaxo CMS up to 5.20.0 Link args[types] cross site scripting (GHSA-x6vr-q3vf-vqgq)

A vulnerability marked as problematic has been reported in Redaxo CMS up to 5.20.0. This affects an unknown function of the component Link Handler. Performing manipulation of the argument args[types] results in cross site scripting.

This vulnerability is identified as CVE-2025-66026. The attack can be initiated remotely. There is not any exploit available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More