CVE-2025-65840

8.8 HIGH

📋 TL;DR

PublicCMS V5.202506.b contains a CSRF vulnerability in the CkEditorAdminController that allows attackers to trick authenticated administrators into performing unauthorized actions. This affects all users running the vulnerable version who have administrative access to the CMS. Attackers can exploit this by luring administrators to malicious web pages.

💻 Affected Systems

Products:
  • PublicCMS
Versions: V5.202506.b
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Requires administrator authentication to exploit, but default configurations are vulnerable.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Complete compromise of CMS administration allowing content manipulation, user account takeover, or injection of malicious code into the site.

🟠 Likely Case

Unauthorized content modifications, user privilege escalation, or configuration changes by tricking administrators.

🟢 If Mitigated

Limited impact with proper CSRF protections, but still potential for minor unauthorized actions if other vulnerabilities exist.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ✅ No
Complexity: LOW

CSRF attacks are well-understood and easy to implement; proof-of-concept is available in GitHub references.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Check GitHub issues for latest patched version

Vendor Advisory: https://github.com/sanluan/PublicCMS/issues/102

Restart Required: No

Instructions:

1. Check the GitHub issue for patch details.
2. Update to the latest version of PublicCMS.
3. Verify CSRF tokens are implemented in CkEditorAdminController.

🔧 Temporary Workarounds

Implement CSRF Protection

Applies to: all

Add CSRF tokens to all forms and validate them server-side in CkEditorAdminController.

Modify the controller to include and validate CSRF tokens.
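The synchronizer-token check that the "Implement CSRF Protection" workaround describes, written out as an added example. This is illustrative Python, not PublicCMS code (the project is Java/Spring); the `CsrfGuard` and `Session` names, the `_csrf` form field and the trusted origin `https://cms.example` are assumptions chosen for the example. It shows the two checks a state-changing admin endpoint should make before acting: the submitted token must equal the one bound to the session, and the request's Origin (or Referer fallback) must be the site's own origin.

```python
import hmac
import secrets
from dataclasses import dataclass
from typing import Dict, Optional
from urllib.parse import urlsplit


@dataclass
class Session:
    """Stand-in for the server-side session object (constructed for the example)."""
    user: str
    csrf_token: Optional[str] = None


class CsrfGuard:
    """Synchronizer-token CSRF protection for state-changing admin endpoints."""

    SAFE_METHODS = ("GET", "HEAD", "OPTIONS")

    def __init__(self, trusted_origin: str):
        # The site's own origin, e.g. "https://cms.example" (assumed value).
        self.trusted_origin = trusted_origin

    def issue_token(self, session: Session) -> str:
        # One unguessable token per session; the admin UI embeds it in every
        # form as a hidden "_csrf" field. Reissuing returns the same token.
        if session.csrf_token is None:
            session.csrf_token = secrets.token_urlsafe(32)
        return session.csrf_token

    def _same_origin(self, url: str) -> bool:
        # Compare scheme, host and port explicitly; a prefix match would accept
        # "https://cms.example.evil.example" as the trusted origin.
        got, want = urlsplit(url), urlsplit(self.trusted_origin)
        return (got.scheme, got.hostname, got.port) == (want.scheme, want.hostname, want.port)

    def validate(self, session: Session, method: str,
                 headers: Dict[str, str], form: Dict[str, str]) -> bool:
        """Return True only if the request may proceed to the controller action."""
        # Safe methods change no state and are not CSRF-checked.
        if method.upper() in self.SAFE_METHODS:
            return True
        # Check 1: the submitted token must match the session's token.
        submitted = form.get("_csrf")
        if session.csrf_token is None or submitted is None:
            return False
        if not hmac.compare_digest(submitted.encode(), session.csrf_token.encode()):
            return False
        # Check 2: the browser-supplied Origin (or Referer) must be our own site.
        source = headers.get("Origin") or headers.get("Referer")
        if not source:
            return False
        return self._same_origin(source)


if __name__ == "__main__":
    guard = CsrfGuard("https://cms.example")
    admin = Session(user="admin")
    token = guard.issue_token(admin)
    # Legitimate form post from the admin UI.
    print(guard.validate(admin, "POST", {"Origin": "https://cms.example"}, {"_csrf": token}))
    # Cross-site post: no token in the form, foreign Origin.
    print(guard.validate(admin, "POST", {"Origin": "https://lure.example.net"}, {}))
```

A cross-site page cannot read the token out of the admin's session or the admin UI's HTML, so a forged request fails check 1; check 2 is the fallback for the case where a token leaks or is omitted from a form. Both checks must run on every non-safe method, including requests that happen to arrive as GET if the controller treats them as state-changing.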

Restrict Admin Access

Applies to: all

Limit administrative access to trusted networks and implement additional authentication factors.

Configure firewall rules to restrict admin panel access.

🧯 If You Can't Patch

  • Implement web application firewall (WAF) rules to detect and block CSRF attempts
  • Monitor administrator sessions for unusual activity and implement session timeouts

🔍 How to Verify

Check if Vulnerable:

Check if CkEditorAdminController endpoints lack CSRF token validation by reviewing source code or testing with CSRF PoC tools.

Check Version:

Check PublicCMS version in admin panel or configuration files

Verify Fix Applied:

Test that all CkEditorAdminController endpoints now require and validate CSRF tokens.

📡 Detection & Monitoring

Log Indicators:

  • Multiple unauthorized requests from same session to CkEditorAdminController endpoints
  • Admin actions without corresponding CSRF token validation logs

Network Indicators:

  • HTTP requests to admin endpoints without Referer headers or with suspicious origins

SIEM Query:

source="web_logs" AND uri="*CkEditorAdminController*" AND csrf_token="null"
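The network indicator above (admin requests without a Referer or from a foreign origin) applied to web server access logs, as an added example that is not part of the original advisory. It is Python run over a few constructed combined-format log lines; the site host `cms.example` and the `/admin/ckeditor/...` paths are placeholders, since the real PublicCMS route prefix for CkEditorAdminController is not given on the page. Standard access logs record Referer but not Origin, so the check keys on Referer.

```python
import re
from typing import Dict, List, Optional, Tuple
from urllib.parse import urlsplit

# Apache/Nginx "combined" log format.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ (?P<user>\S+) \[(?P<time>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+ '
    r'"(?P<referer>[^"]*)" "(?P<ua>[^"]*)"$'
)

SITE_HOST = "cms.example"                       # constructed site hostname
ADMIN_PATH_RE = re.compile(r"ckeditor", re.I)   # placeholder for the CkEditor admin routes
SAFE_METHODS = ("GET", "HEAD", "OPTIONS")

# Constructed sample: one admin session browsing normally, then two requests
# whose Referer does not come from the site, then an unrelated login.
SAMPLE_LOG = [
    '203.0.113.5 - admin [10/Oct/2025:10:00:01 +0000] "GET /admin/ckeditor/list HTTP/1.1" 200 512 "https://cms.example/admin/" "Mozilla/5.0"',
    '203.0.113.5 - admin [10/Oct/2025:10:00:09 +0000] "POST /admin/ckeditor/upload HTTP/1.1" 200 88 "https://cms.example/admin/ckeditor/list" "Mozilla/5.0"',
    '203.0.113.5 - admin [10/Oct/2025:10:03:44 +0000] "POST /admin/ckeditor/upload HTTP/1.1" 200 88 "https://lure.example.net/page.html" "Mozilla/5.0"',
    '203.0.113.5 - admin [10/Oct/2025:10:03:45 +0000] "POST /admin/ckeditor/delete HTTP/1.1" 302 0 "-" "Mozilla/5.0"',
    '198.51.100.7 - - [10/Oct/2025:10:05:00 +0000] "POST /admin/login HTTP/1.1" 200 10 "-" "curl/8.0"',
]


def classify(line: str) -> Optional[Tuple[str, Dict[str, str]]]:
    """Return (reason, fields) for a suspicious admin request, else None."""
    m = LOG_RE.match(line)
    if not m:
        return None  # unparseable line; a real pipeline would count these
    d = m.groupdict()
    # Only state-changing requests to the CkEditor admin routes are of interest.
    if d["method"] in SAFE_METHODS or not ADMIN_PATH_RE.search(d["path"]):
        return None
    referer = d["referer"]
    if referer in ("", "-"):
        return ("missing_referer", d)
    if urlsplit(referer).hostname != SITE_HOST:
        return ("foreign_referer", d)
    return None


def scan(lines: List[str]) -> List[Dict[str, str]]:
    """Run classify() over every line and collect the findings in log order."""
    findings = []
    for line in lines:
        hit = classify(line)
        if hit:
            reason, d = hit
            findings.append({"reason": reason, "ip": d["ip"], "user": d["user"],
                             "time": d["time"], "path": d["path"], "referer": d["referer"]})
    return findings


if __name__ == "__main__":
    for f in scan(SAMPLE_LOG):
        print(f"{f['time']} {f['user']}@{f['ip']} {f['path']} -> {f['reason']} ({f['referer']})")
```

Treat a missing Referer as a weaker signal than a foreign one: browsers omit it under a strict `Referrer-Policy`, and some privacy extensions strip it, so legitimate admin traffic may show up under `missing_referer`. A foreign Referer on a state-changing admin request from an authenticated user is the indicator that matches the CSRF pattern this advisory describes and is the one worth alerting on.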
