CVE-2018-17831

Name of the Vulnerable Software and Affected Versions REDAXO versions prior to 5.6.3

Description A critical SQL injection issue has been found in the rex list class due to the prepareQuery function in core/lib/list.php. This can be exploited via the "sort" parameter in the index.php?page=users/users API endpoint. The backend is affected, and the frontend is also vulnerable if rex list is used.

Recommendations For versions prior to 5.6.3, update to version 5.6.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the index.php?page=users/users endpoint or disabling the use of the rex list class until a patch is available. Avoid using the sort parameter in the affected endpoint until the issue is resolved.