Product
Redaxo CMS Mediapool Addon version 5.5.1 and older contains an arbitrary file upload vulnerability (CVE-2018-25353) that allows authenticated users to bypass file extension blacklist restrictions, leading to arbitrary code execution.