CVE-2025-23209 - Craft CMS Code Injection Vulnerability

Craft CMS | Craft CMS

• Date Added:
• 2025-02-20

• Due Date:
• 2025-03-13

Vulnerability Name

Craft CMS Code Injection Vulnerability

Description

Craft CMS contains a code injection vulnerability that allows for remote code execution as vulnerable versions have compromised user security keys.

Known To Be Used in Ransomware Campaigns?

Unknown

Action

Apply mitigations per vendor instructions or discontinue use of the product if mitigations are unavailable.

Additional Notes

https://github.com/craftcms/cms/security/advisories/GHSA-x684-96hh-833x ; https://nvd.nist.gov/vuln/detail/CVE-2025-23209

Latest Security News

Apiiro unveils free scanner to detect malicious code merges

Black Basta ransomware gang's internal chat logs leak online

US healthcare org pays $11M settlement over alleged cybersecurity lapses

Chinese hackers use custom malware to spy on US telecom networks

Integrating LLMs into security operations using Wazuh

Microsoft fixes Power Pages zero-day bug exploited in attacks

North Korean Hackers Target Freelance Developers in Job Scam to Deploy Malware

Microsoft testing fix for Windows 11 bug breaking SSH connections

Top Alert List

Content Security Policy (CSP) Header Not Set

CSP

MediumMissing Anti-clickjacking Header

MediumAbsence of Anti-CSRF Tokens

InformationalInformation Disclosure - Suspicious Comments

MediumContent Security Policy (CSP) Header Not Set

LowCross-Domain JavaScript Source File Inclusion

InformationalModern Web Application

HighPII Disclosure

InformationalRe-examine Cache-control Directives

Top CVE List

CVE-2024-41710 Mitel SIP Phones Argument Injection Vulnerability

CVE-2025-0108 Palo Alto Networks PAN-OS Authentication Bypass Vulnerability

CVE-2017-3881 Cisco IOS and IOS XE Remote Code Execution Vulnerability

CVE-2025-0411 7-Zip Mark of the Web Bypass Vulnerability

CVE-2025-0994 Trimble Cityworks Deserialization Vulnerability

CVE-2024-43572 Microsoft Windows Management Console Remote Code Execution Vulnerability

CVE-2025-0111 Palo Alto Networks PAN-OS File Read Vulnerability

CVE-2025-21418 Microsoft Windows Ancillary Function Driver for WinSock Heap-Based Buffer Overflow Vulnerability

CVE-2017-6736 Cisco IOS and IOS XE Software SNMP Remote Code Execution Vulnerability

CVE-2020-29574 CyberoamOS (CROS) SQL Injection Vulnerability

Top CWE List

HighCWE-200 Exposure of Sensitive Information to an Unauthorized Actor

CWE-693 Protection Mechanism Failure

CWE-201 Insertion of Sensitive Information Into Sent Data

CWE-1021 Improper Restriction of Rendered UI Layers or Frames

CWE-581 Object Model Violation: Just One of Equals and Hashcode Defined

CWE-1426 Improper Validation of Generative AI Output

HighCWE-74 Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection')

CWE-284 Improper Access Control

MediumCWE-352 Cross-Site Request Forgery (CSRF)

CWE-359 Exposure of Private Personal Information to an Unauthorized Actor