CVE-2025-65960

Medium

Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, back end users with precise control…

GitHub_M·CWE-351·Published 2025-11-25

CVSS

6.6

EPSS

0.00

KEV

Exploits

cve.orgen

408 chars

Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, back end users with precise control over the contents of template closures can execute arbitrary PHP functions that do not have required parameters. This issue has been patched in versions 4.13.57, 5.3.42, and 5.6.5. A workaround for this issue involves manually patching the Contao\Template::once() method.

NVDen

408 chars

OSV.deven

387 chars

### Impact Backend users with precise control over the contents of template closures can execute arbitrary PHP functions that do not have required parameters. ### Patches Update to Contao 4.13.57, 5.3.42 or 5.6.5 ### Workarounds Manually patch the `Contao\Template::once()` method. ### Resources https://contao.org/en/security-advisories/remote-code-execution-in-template-closures

GHSAen

387 chars

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
3.1	Primary	cve.org	6.6	—	—	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Primary	cve.org	6.6	—	—	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	NVD	6.6	0.7	5.9	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H
3.1	Secondary	GHSA	6.6	—	—	CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H