modx/revolution vulnerabilities

Browse known CVEs and advisories by package and ecosystem. Severity tells you the worst case. What determines real risk is whether the vulnerable code actually runs in your applications.

Get a demo

Browse by ecosystem

npmPyPIMavenGoRubyGemsCargoNuGetComposerpubSwiftGitHub Actions
CVE-IDSeverityPackage summary
CVE-2025-28010Lowmodx/revolution: MODX allows cross-site scripting (XSS) via an SVG fileCVE-2017-9068Mediummodx/revolution: MODX Revolution Reflected XSSCVE-2017-9071Mediummodx/revolution: MODX Revolution XSS via HTTP Host headerCVE-2017-9069Highmodx/revolution: MODX Revolution allows overwriting .htaccessCVE-2017-9070Mediummodx/revolution: MODX Revolution cross-site scripting vulnerabilityCVE-2017-9067Highmodx/revolution: MODX Revolution Directory Traversal VulnerabilityCVE-2017-1000067Highmodx/revolution: MODX Revolution blind SQL injectionCVE-2018-20757Mediummodx/revolution: MODX Revolution allows XSS through extended user fieldsCVE-2018-20755Mediummodx/revolution: MODX Revolution vulnerable to XSS attack through its User Photo fieldCVE-2018-20756Mediummodx/revolution: MODX Revolution allows XSS via document resourcesCVE-2018-1000207Highmodx/revolution: MODX Revolution Incorrect Access Control vulnerabilityCVE-2018-20758Mediummodx/revolution: MODX vulnerability allows for XSS via user settings parametersCVE-2022-26149Highmodx/revolution: Unrestricted Upload of File with Dangerous Type in MODX RevolutionCVE-2020-25911Criticalmodx/revolution: XML External Entity vulnerability in MODX CMS

Stop the waste.
Protect your environment with Kodem.