Invision Community Remote Code Execution Vulnerability in Theme Editor

Vulnerability

A remote code execution vulnerability exists in Invision Community versions 5.0.0 up to, but not including, 5.0.7. The issue lies in the theme editor controller, specifically in the customCss method of themeeditor.php. Although this method is declared protected, it is reachable by unauthenticated users, who can inject and execute arbitrary PHP code by sending crafted template strings. The root cause is that the method passes the 'content' parameter to the template engine, which enables code execution.

Impact

Exploitation of this vulnerability allows for arbitrary PHP code execution on the server.

Reproduction

To reproduce this vulnerability, send a request to themeeditor.php as an unauthenticated user with a crafted 'content' parameter that targets the customCss method. The injected PHP code is executed on the server.

Remediation

Users are advised to upgrade to Invision Community version 5.0.7 or later.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread: 5.2
impact: 10.0
exploitability: 9.7
remediation: 7.7
relevance: 0.0
threat: 8.2
urgency: 2.9
incentive: 10.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.