CVE-2025-47916
Invision Community 5.0.0 before 5.0.7 allows unauthenticated remote code execution via crafted template strings sent to themeeditor.php. The issue lies in the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss is reachable by unauthenticated users. This method passes the value of the content parameter to Theme::makeProcessFunction(), so the input is compiled and evaluated by the template engine rather than treated as inert CSS. An unauthenticated attacker can therefore inject and execute arbitrary PHP code by supplying crafted template strings. No credentials are needed, so any 5.0.0 through 5.0.6 installation whose front end is reachable should be treated as exposed until upgraded to 5.0.7.
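Two checks a responder would want from the description above, written here as an added example (not code from the CVE page, from the public PoCs, or from Invision Power Services): a version gate for the 5.0.0 to 5.0.6 range, and a pass over web-server access logs for requests that reach the themeeditor controller with template syntax in the content parameter. The query-string routing (`app=core&module=system&controller=themeeditor&do=customCss`), the template-marker heuristic, and the log lines are all assumptions constructed for this example; confirm the routing against your own deployment, and remember that friendly URLs and POST bodies do not appear in standard access logs.

```python
"""Constructed example for CVE-2025-47916 triage. Not Invision's code.

Assumptions (verify before relying on them):
  * the controller is reached as index.php?app=core&module=system&controller=themeeditor&do=customCss,
    following the usual Invision Community query-string routing;
  * user CSS should never contain template-engine markers such as "{{" or "{expression=";
  * logs are in Apache/nginx "combined" format.
"""
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

FIRST_AFFECTED = (5, 0, 0)   # per the advisory text
FIXED = (5, 0, 7)            # first release that is not affected


def parse_version(v):
    """Turn '5.0.6' or '5.0.7-beta' into a comparable (major, minor, patch) tuple."""
    nums = []
    for part in v.strip().split(".")[:3]:
        m = re.match(r"\d+", part)
        if not m:
            raise ValueError(f"unparseable version: {v!r}")
        nums.append(int(m.group()))
    while len(nums) < 3:
        nums.append(0)
    return tuple(nums)


def is_vulnerable(version):
    """True when the installed version falls inside the affected range."""
    return FIRST_AFFECTED <= parse_version(version) < FIXED


# Heuristic (assumption): tokens that mark template-engine syntax rather than plain CSS.
TEMPLATE_MARKERS = re.compile(r"\{\{|\{expression=|\{\$|<\?php", re.IGNORECASE)

# Combined log format: client, ident, user, [timestamp], "METHOD target PROTO", status
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)


def scan_log(lines):
    """Return findings for requests to the themeeditor controller.

    verdict "template-injection": the content parameter carries template syntax.
    verdict "review-post-body": a POST whose body is not in the log; inspect it elsewhere.
    """
    findings = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue
        qs = parse_qs(urlsplit(m["target"]).query)
        if qs.get("controller", [""])[0].lower() != "themeeditor":
            continue
        # parse_qs already decodes once; decode again to catch double-encoded payloads.
        content = unquote_plus(qs.get("content", [""])[0])
        base = {"ip": m["ip"], "ts": m["ts"], "method": m["method"], "status": m["status"]}
        if content and TEMPLATE_MARKERS.search(content):
            findings.append({**base, "verdict": "template-injection", "content": content})
        elif m["method"] == "POST" and not content:
            findings.append({**base, "verdict": "review-post-body", "content": ""})
    return findings


# Constructed sample lines (RFC 5737 addresses); not real traffic.
SAMPLE_LOG = [
    '203.0.113.5 - - [14/May/2025:10:02:11 +0000] "GET /index.php?app=core&module=system'
    '&controller=themeeditor&do=customCss&content=%7B%7Bsystem%28%27id%27%29%7D%7D HTTP/1.1" '
    '200 512 "-" "curl/8.5.0"',
    '198.51.100.9 - - [14/May/2025:10:03:01 +0000] "GET /index.php?app=core&module=system'
    '&controller=themeeditor&do=customCss&content=body%7Bcolor%3Ared%7D HTTP/1.1" '
    '200 311 "-" "Mozilla/5.0"',
    '192.0.2.7 - - [14/May/2025:10:04:40 +0000] "POST /index.php?app=core&module=system'
    '&controller=themeeditor&do=customCss HTTP/1.1" 200 120 "-" "python-requests/2.31"',
    '192.0.2.8 - - [14/May/2025:10:05:00 +0000] "GET /index.php?app=forums&module=forums'
    '&controller=topic&id=1 HTTP/1.1" 200 9001 "-" "Mozilla/5.0"',
]

if __name__ == "__main__":
    for v in ("5.0.0", "5.0.6", "5.0.7"):
        print(v, "vulnerable" if is_vulnerable(v) else "not affected")
    for f in scan_log(SAMPLE_LOG):
        print(f["verdict"], f["ip"], f["method"], repr(f["content"]))
```

The second sample line shows why the detector keys on template markers rather than on the controller alone: legitimate theme-editor traffic carries ordinary CSS braces, and flagging every `{` would bury the real hit. The POST case is deliberately reported as "review" rather than "exploit", because the access log cannot show what was in the body.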
EPSS 90.73% · 99.6th percentile
Risk Scores
Affected Products
| Vendor | Product | Affected versions |
|---|---|---|
| invisioncommunity | invision_power_board | 5.0.0 through 5.0.6 (fixed in 5.0.7) |
| invisioncommunity | invisioncommunity | 5.0.0 through 5.0.6 (fixed in 5.0.7) |
| invisioncommunity | Invision Power Board | 5.0.0 through 5.0.6 (fixed in 5.0.7) |
Exploit Intelligence
- Proof‑of‑concept description for CVE‑2025‑47916, a Remote Code Execution vulnerability affecting Invision Community 5.0.0–5.0.6 via unsafe template processing in the "customCss()" method. (github-poc)
- CIRCL seen: CVE-2025-47916 (circl-sighting)
- CIRCL exploited: CVE-2025-47916 (circl-sighting)
…and 48 more exploits
Timeline
- May 14, 2025 PoC Published
- May 14, 2025 PoC Published
- May 15, 2025 PoC Published
- May 16, 2025 CVE Published
- May 16, 2025 Coalition ESS Score
- May 16, 2025 PoC Published
- May 17, 2025 EPSS Score
- May 17, 2025 Coalition ESS Score
- May 17, 2025 CVE Updated
- May 19, 2025 PoC Published
- May 21, 2025 PoC Published
- May 22, 2025 EPSS Score