CVE-2025-67842

6.4 MEDIUM

📋 TL;DR

This vulnerability allows remote attackers to inject malicious scripts or HTML into any tenant's documentation site by manipulating the subdomain parameter in Mintlify Platform's Static Asset API. It affects all Mintlify Platform tenants using versions before 2025-11-15, enabling cross-tenant content injection attacks.

💻 Affected Systems

Products:
  • Mintlify Platform
Versions: All versions before 2025-11-15
Operating Systems: All
Default Config Vulnerable: ⚠️ Yes
Notes: Affects all tenants using the Static Asset API feature. The vulnerability exists in how subdomain parameters are processed without proper tenant isolation.


⚠️ Risk & Real-World Impact

🔴 Worst Case

Attackers could inject malicious JavaScript that steals user credentials, session tokens, or redirects users to phishing sites across all tenant documentation sites.

🟠 Likely Case

Attackers inject tracking scripts, deface documentation sites, or perform limited cross-site scripting attacks against users.

🟢 If Mitigated

With proper input validation and tenant isolation, the attack surface is limited to content injection without direct server compromise.

🌐 Internet-Facing: HIGH
🏢 Internal Only: LOW

🎯 Exploit Status

Public PoC: ⚠️ Yes
Weaponized: LIKELY
Unauthenticated Exploit: ⚠️ Yes
Complexity: LOW

The vulnerability is well-documented with public proof-of-concept examples showing how to manipulate subdomain parameters to inject content across tenant boundaries.

🛠️ Fix & Mitigation

✅ Official Fix

Patch Version: Versions from 2025-11-15 onward

Vendor Advisory: https://www.mintlify.com/blog/working-with-security-researchers-november-2025

Restart Required: No

Instructions:

1. Upgrade Mintlify Platform to a version dated 2025-11-15 or later.
2. Verify that the Static Asset API now properly validates and restricts subdomain parameters to tenant boundaries.
3. No restart is required, as this is a SaaS platform update.

🔧 Temporary Workarounds

Disable Static Asset API (applies to: all)

Temporarily disable the Static Asset API feature until patching is complete.

Implement WAF Rules (applies to: all)

Add web application firewall rules to block suspicious subdomain parameter patterns.

🧯 If You Can't Patch

  • Implement strict Content Security Policy (CSP) headers to limit script execution
  • Monitor for unusual subdomain parameter patterns in access logs

🔍 How to Verify

Check if Vulnerable:

Test if you can access another tenant's static assets by modifying the subdomain parameter in API requests

Check Version:

Check your Mintlify Platform dashboard or API for version information; it should show 2025-11-15 or later.

Verify Fix Applied:

Verify that subdomain parameters are now properly validated and restricted to the authenticated tenant's assets only

📡 Detection & Monitoring

Log Indicators:

  • Unusual subdomain parameter values in Static Asset API requests
  • Requests attempting to access assets from multiple tenant IDs

Network Indicators:

  • HTTP requests with manipulated subdomain parameters
  • Unexpected cross-origin resource sharing patterns

SIEM Query:

source="mintlify_logs" AND (uri_path="/api/static-assets" OR uri_path="/api/assets") AND (subdomain_parameter CONTAINS suspicious_pattern OR subdomain_parameter != expected_tenant_id)
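The log and network indicators listed above, together with the SIEM query, boil down to three checks: a subdomain parameter that is not a well-formed hostname label, a subdomain parameter that differs from the tenant the request was authenticated for, and one source touching many tenants' assets in a short window. The following Python script is an added example (not from this advisory, not from Mintlify) that runs those checks over a few constructed JSON log lines. The field names (`tenant_id`, `uri_path`, `subdomain`, `src_ip`), the log format, and the threshold are assumptions modelled on the SIEM query above; adapt them to your actual log schema.

```python
import json
import re
from collections import defaultdict

# Constructed sample log lines (not real Mintlify logs), one JSON object per line.
# Field names are assumptions modelled on the advisory's SIEM query.
SAMPLE_LOGS = """
{"ts":"2025-11-10T10:00:01Z","src_ip":"203.0.113.5","tenant_id":"acme","uri_path":"/api/static-assets","subdomain":"acme","status":200}
{"ts":"2025-11-10T10:00:02Z","src_ip":"203.0.113.5","tenant_id":"acme","uri_path":"/api/static-assets","subdomain":"globex","status":200}
{"ts":"2025-11-10T10:00:03Z","src_ip":"203.0.113.5","tenant_id":"acme","uri_path":"/api/static-assets","subdomain":"initech","status":200}
{"ts":"2025-11-10T10:00:04Z","src_ip":"198.51.100.7","tenant_id":"globex","uri_path":"/api/assets","subdomain":"globex<script>","status":400}
{"ts":"2025-11-10T10:00:05Z","src_ip":"198.51.100.9","tenant_id":"initech","uri_path":"/docs/index.html","subdomain":"initech","status":200}
{"ts":"2025-11-10T10:00:06Z","src_ip":"198.51.100.9","tenant_id":"initech","uri_path":"/api/assets","subdomain":"initech","status":200}
""".strip()

# Paths named in the advisory's SIEM query.
STATIC_ASSET_PATHS = {"/api/static-assets", "/api/assets"}

# A tenant subdomain should be a single RFC 1123 hostname label:
# lowercase alphanumerics and hyphens, 1-63 characters, no leading/trailing hyphen.
VALID_SUBDOMAIN = re.compile(r"^[a-z0-9](?:[a-z0-9-]{0,61}[a-z0-9])?$")

# Assumed threshold: more than this many distinct subdomains from one source
# against the Static Asset API is treated as cross-tenant probing.
MULTI_TENANT_THRESHOLD = 2


def parse_logs(text):
    """Parse newline-delimited JSON log lines into a list of dicts."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def analyze(records):
    """Return a list of findings, one dict per triggered rule."""
    findings = []
    subdomains_by_src = defaultdict(set)

    for r in records:
        # Only the Static Asset API endpoints take the subdomain parameter.
        if r.get("uri_path") not in STATIC_ASSET_PATHS:
            continue
        sub = r.get("subdomain", "")
        if not VALID_SUBDOMAIN.match(sub):
            # Malformed value: markup, path separators, uppercase, etc.
            findings.append({"rule": "malformed_subdomain", "ts": r["ts"],
                             "src_ip": r["src_ip"], "subdomain": sub})
        elif sub != r.get("tenant_id"):
            # Well-formed but pointing at a different tenant than the one
            # the request was authenticated for (the core isolation failure).
            findings.append({"rule": "cross_tenant_subdomain", "ts": r["ts"],
                             "src_ip": r["src_ip"], "tenant_id": r["tenant_id"],
                             "subdomain": sub})
        subdomains_by_src[r["src_ip"]].add(sub)

    # One source reaching into many tenants' assets is the second log indicator.
    for src, subs in sorted(subdomains_by_src.items()):
        if len(subs) > MULTI_TENANT_THRESHOLD:
            findings.append({"rule": "multi_tenant_access", "src_ip": src,
                             "subdomains": sorted(subs)})
    return findings


if __name__ == "__main__":
    for finding in analyze(parse_logs(SAMPLE_LOGS)):
        print(json.dumps(finding))
```

On the constructed input this flags the two cross-tenant requests from 203.0.113.5, the malformed `globex<script>` value, and 203.0.113.5 again for touching three distinct tenants; the `/docs/index.html` line is ignored because it is not a Static Asset API call. Mapping `tenant_id` to whatever your logs carry as the authenticated tenant is the one piece that has to be correct for the cross-tenant rule to be meaningful.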
