CVE-2025-67170

6.1 MEDIUM

📋 TL;DR

A reflected cross-site scripting vulnerability in RiteCMS v3.1.0 allows attackers to inject malicious scripts via crafted URLs. When users click malicious links, attackers can execute arbitrary JavaScript in their browser sessions, potentially stealing credentials or performing unauthorized actions. This affects all RiteCMS v3.1.0 installations with default configurations.

💻 Affected Systems

Products:
  • RiteCMS
Versions: v3.1.0
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: All installations of RiteCMS v3.1.0 are vulnerable by default. No special configuration required for exploitation.

⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers steal administrator session cookies, gain full administrative access to the CMS, deface websites, or install backdoors for persistent access.

🟠 Likely Case

Attackers steal user session tokens or credentials through phishing campaigns, leading to account compromise and potential data theft.

🟢 If Mitigated

With proper input validation and output encoding, malicious scripts are neutralized, preventing code execution.

🌐 Internet-Facing: HIGH
🏢 Internal Only: MEDIUM

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

Exploitation requires user interaction (clicking a malicious link). Public proof-of-concept code is available in GitHub repositories.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Not available

Vendor Advisory: Not available

Restart Required: No

Instructions:

No official patch available. Consider upgrading to a newer version if available, or implement workarounds.

🔧 Temporary Workarounds

Implement Content Security Policy

all

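Add CSP headers to restrict script execution sources. With script-src 'self' and no 'unsafe-inline', the browser refuses to run inline scripts and inline event handlers, which is the form a reflected payload takes; any inline scripts the site itself relies on will also stop working until they are moved to files.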

Add to web server config: Content-Security-Policy: default-src 'self'; script-src 'self'

Input Validation Filter

all

Add server-side input validation for all user-supplied parameters

Implement parameter sanitization in affected PHP files

🧯 If You Can't Patch

  • Deploy Web Application Firewall (WAF) with XSS protection rules
  • Implement strict output encoding for all user-controlled data in templates

🔍 How to Verify

Check if Vulnerable:

Test by injecting <script>alert('XSS')</script> into URL parameters and checking whether the script executes

Check Version:

Check RiteCMS admin panel or config files for version information

Verify Fix Applied:

Retest XSS payloads after implementing fixes; scripts should not execute

📡 Detection & Monitoring

Log Indicators:

  • Unusually long URL parameters containing script tags or JavaScript code
  • Multiple failed XSS attempts in web server logs

Network Indicators:

  • HTTP requests with suspicious parameters containing script tags or encoded JavaScript

SIEM Query:

(web.url:*script* OR web.url:*javascript*) AND dest.app:"RiteCMS"
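The log indicators above can also be checked offline against web server access logs. The following is an added example, not code from RiteCMS or from this advisory: it decodes each query parameter (including nested percent-encoding) before matching, so encoded payloads are caught and paths that merely contain the word "script" are not. The log format, parameter names, sample lines and the 256-character length threshold are assumptions.

```python
import re
from collections import Counter
from urllib.parse import parse_qsl, unquote_plus, urlsplit

# Constructed sample lines (combined log format); parameter names are made up.
SAMPLE_LOG = """\
203.0.113.5 - - [01/Jan/2025:10:00:00 +0000] "GET /index.php?page=news HTTP/1.1" 200 512
203.0.113.9 - - [01/Jan/2025:10:00:03 +0000] "GET /index.php?q=%3Cscript%3Ealert(1)%3C%2Fscript%3E HTTP/1.1" 200 640
203.0.113.9 - - [01/Jan/2025:10:00:04 +0000] "GET /index.php?q=%253Cimg%2520src%253Dx%2520onerror%253Dalert(1)%253E HTTP/1.1" 200 640
198.51.100.7 - - [01/Jan/2025:10:00:09 +0000] "GET /js/scripts.js?v=3 HTTP/1.1" 200 900
"""

REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "[A-Z]+ (\S+) HTTP/[\d.]+"')
MARKERS = [
    ("script-tag", re.compile(r"<\s*script\b", re.I)),
    ("js-uri", re.compile(r"javascript\s*:", re.I)),
    ("event-handler", re.compile(r"<[^>]*\bon\w+\s*=", re.I)),
]
MAX_PARAM_LEN = 256  # assumed threshold for "unusually long"; tune per site


def fully_decode(value, rounds=3):
    """Undo nested percent-encoding (e.g. %253C -> %3C -> <), bounded."""
    for _ in range(rounds):
        decoded = unquote_plus(value)
        if decoded == value:
            break
        value = decoded
    return value


def scan(log_text):
    """Return (findings, hits per client IP) for suspicious query values."""
    findings, per_ip = [], Counter()
    for line in log_text.splitlines():
        m = REQUEST.match(line)
        if not m:
            continue
        ip, target = m.groups()
        pairs = parse_qsl(urlsplit(target).query, keep_blank_values=True)
        for name, raw in pairs:  # parse_qsl has already decoded once
            value = fully_decode(raw)
            reasons = [label for label, rx in MARKERS if rx.search(value)]
            if len(raw) > MAX_PARAM_LEN:
                reasons.append("long-value")
            if reasons:
                findings.append((ip, name, reasons))
                per_ip[ip] += 1
    return findings, per_ip
```

The per-IP counter covers the "multiple attempts" indicator: a source with several hits in a short window is worth correlating with the responses it received.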
