CVE-2025-47916

Published May 16, 2025

Last updated 4 days ago

Overview

AI description

Automated description summarized from trusted sources.

CVE-2025-47916 affects Invision Community versions 5.0.0 before 5.0.7. It allows for remote code execution through crafted template strings targeting the themeeditor.php file. The vulnerability lies in the themeeditor controller, specifically in the customCss method, which can be invoked by unauthenticated users. This method passes the content parameter to the Theme::makeProcessFunction() method, which is then evaluated by the template engine. This allows attackers to inject and execute arbitrary PHP code by providing specially crafted template strings.

Description: Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss can be invoked by unauthenticated users. This method passes the value of the content parameter to the Theme::makeProcessFunction() method; hence it is evaluated by the template engine. Accordingly, this can be exploited by unauthenticated attackers to inject and execute arbitrary PHP code by providing crafted template strings.
Source: cve@mitre.org
NVD status: Awaiting Analysis

Risk scores

CVSS 3.1

Type: Secondary
Base score: 10
Impact score: 6
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

cve@mitre.org: CWE-1336

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 3

References