PT-2026-2105 · Redaxo · Backup Addon +1

Lukasz-Rybak · Published 2026-01-05 · Updated 2026-01-20 · CVE-2026-21857

CVSS v4.0: 8.3 (High)
Vector: AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:H/SA:N
Name of the Vulnerable Software and Affected Versions: REDAXO versions prior to 5.20.2

Description: REDAXO is a PHP-based content management system. Authenticated users with backup permissions can read arbitrary files within the webroot due to a path traversal issue in the Backup addon's file export functionality. The Backup addon does not validate the EXPDIR POST parameter against an allowlist of permitted directories. An attacker can supply relative paths containing ../ sequences, or even absolute paths within the document root, to include any readable file in the generated .tar.gz archive.

Recommendations: Versions prior to 5.20.2 should be updated to version 5.20.2 or later.
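The missing check described above, shown as an added example rather than REDAXO's own code: a user-supplied export directory is resolved with realpath() and accepted only if it lies inside one of the allowlisted roots. The function name resolveExportDir, the temp-directory layout and the allowlist entries are assumptions made for this illustration; the boundary check appends a directory separator so that a sibling directory whose name merely shares a prefix with a permitted root is not accepted. Requires PHP 8 for str_contains() and str_starts_with().

```php
<?php
// Added example (not REDAXO code): allowlist validation for an export
// directory parameter before it is handed to an archiver.
declare(strict_types=1);

/**
 * Resolve $requested relative to $base and return its canonical path only
 * if it exists and sits inside one of $allowedRoots; otherwise return null.
 */
function resolveExportDir(string $base, array $allowedRoots, string $requested): ?string
{
    // Reject empty input, absolute paths and embedded NUL bytes outright;
    // only plain relative names are considered at all.
    if ($requested === '' || $requested[0] === '/' || str_contains($requested, "\0")) {
        return null;
    }

    // realpath() collapses "." and ".." and symlinks, so the check below
    // operates on where the path actually lands, not on its spelling.
    $candidate = realpath($base . DIRECTORY_SEPARATOR . $requested);
    if ($candidate === false || !is_dir($candidate)) {
        return null; // does not exist or is not a directory
    }

    foreach ($allowedRoots as $root) {
        $rootReal = realpath($root);
        if ($rootReal === false) {
            continue; // allowlist entry missing on disk; skip it
        }
        // Equal to the root, or strictly below it (separator-terminated prefix,
        // so "<root>2" is not mistaken for a child of "<root>").
        if ($candidate === $rootReal
            || str_starts_with($candidate, $rootReal . DIRECTORY_SEPARATOR)) {
            return $candidate;
        }
    }
    return null; // outside every permitted root
}

// Constructed demo layout under a temp directory (no real installation).
$base = sys_get_temp_dir() . '/export-demo-' . bin2hex(random_bytes(4));
foreach (['media/files', 'data/core', 'secrets'] as $dir) {
    mkdir("$base/$dir", 0700, true);
}
$allowed = ["$base/media", "$base/data"];

// Constructed requests: two legitimate, the rest must be rejected.
$requests = ['media/files', 'data/core', 'media/../secrets', '../', '/etc', 'media2'];
foreach ($requests as $req) {
    $resolved = resolveExportDir($base, $allowed, $req);
    printf("%-18s => %s\n", $req,
        $resolved === null ? 'REJECTED' : 'ok (' . substr($resolved, strlen($base)) . ')');
}
```

Running the script prints "ok" for media/files and data/core and REJECTED for the traversal, parent, absolute and non-existent requests; the same function can back a server-side check on the EXPDIR value before any archive is built.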

Weakness Enumeration: Path traversal

Related Identifiers: CVE-2026-21857, GHSA-824X-88XG-CWRV

Affected Products: Backup Addon, Redaxo