AI description
CVE-2025-47916 affects Invision Community versions 5.0.0 before 5.0.7. It allows for remote code execution through crafted template strings targeting the themeeditor.php file. The vulnerability lies in the themeeditor controller, specifically in the customCss method, which can be invoked by unauthenticated users. This method passes the content parameter to the Theme::makeProcessFunction() method, which is then evaluated by the template engine. This allows attackers to inject and execute arbitrary PHP code by providing specially crafted template strings.
- Description
- Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss can be invoked by unauthenticated users. This method passes the value of the content parameter to the Theme::makeProcessFunction() method; hence it is evaluated by the template engine. Accordingly, this can be exploited by unauthenticated attackers to inject and execute arbitrary PHP code by providing crafted template strings.
- Source
- cve@mitre.org
- NVD status
- Analyzed
CVSS 3.1
- Type
- Primary
- Base score
- 9.8
- Impact score
- 5.9
- Exploitability score
- 3.9
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
- Severity
- CRITICAL
- Hype score
- Not currently trending
[CVE-2025-47916] Invision Community <= 5.0.6 (customCss) Remote Code Execution https://t.co/gcdOzBoHtt
@_r_netsec
23 May 2025
917 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
🚀 I just released a new Metasploit module for Invision Community ≤ 5.0.6 (CVE-2025-47916)! 🔗 PR: https://t.co/VdTETvQXlS https://t.co/tg5a9OucOU
@Chocapikk_
20 May 2025
4459 Impressions
32 Retweets
99 Likes
21 Bookmarks
0 Replies
0 Quotes
CVE-2025-47916 Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (… https://t.co/viCbBWayEs
@CVEnew
17 May 2025
284 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-47916] Invision Community <= 5.0.6 (customCss) Remote Code Execution https://t.co/gcdOzBpfj1
@_r_netsec
14 May 2025
750 Impressions
2 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:invisioncommunity:invisioncommunity:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "0CF893DE-7FA8-4350-B815-4AB6E82C0172",
"versionEndExcluding": "5.0.7",
"versionStartIncluding": "5.0.0"
}
],
"operator": "OR"
}
]
}
]