Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2025-47916Improper Neutralization of Special Elements Used in a Template Engine in Invision Power Board

CWE-1336Improper Neutralization of Special Elements Used in a Template EngineCWE-94Code Injection6 documents6 sources
Severity
9.8CRITICALNVD
CNA10.0VulnCheck10.0
EPSS
90.7%
top 0.38%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
Invisioncommunity Invision Power BoardInvisioncommunity
Timeline
PublishedMay 16
Latest updateMay 18

Description

Invision Community 5.0.0 before 5.0.7 allows remote code execution via crafted template strings to themeeditor.php. The issue lies within the themeeditor controller (file: /applications/core/modules/front/system/themeeditor.php), where a protected method named customCss can be invoked by unauthenticated users. This method passes the value of the content parameter to the Theme::makeProcessFunction() method; hence it is evaluated by the template engine. Accordingly, this can be exploited by unauth

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:HExploitability: 3.9 | Impact: 5.9

Affected Packages2 packages

CVEListV5invisioncommunity/invision_power_board5.0.05.0.7

🔴Vulnerability Details

3
GHSA
GHSA-96q3-fjrx-h9hh: Invision Community 52025-05-16
CVEList
CVE-2025-47916: Invision Community 52025-05-16
VulnCheck
invisioncommunity invisioncommunity Improper Neutralization of Special Elements Used in a Template Engine2025

💥Exploits & PoCs

2
Exploit-DB
Invision Community 5.0.6 - Remote Code Execution (RCE)2025-05-18
Nuclei
Invision Community <=5.0.6 Unauthenticated RCE via Template Injection
CVE-2025-47916 — Invision Power Board vulnerability | cvebase