Platform: php
Component: xibo-cms
Fixed in: 4.3.2
CVE-2025-62369 describes a Remote Code Execution (RCE) vulnerability affecting Xibo CMS versions 4.3.0 and earlier. This flaw allows authenticated users with elevated privileges to execute arbitrary code on the server. The vulnerability resides within the CMS Developer menu's Module Templating functionality. A patch addressing this issue is available in version 4.3.1.
An attacker exploiting this vulnerability could gain complete control over the Xibo CMS server. This could lead to data breaches, system compromise, and the potential for lateral movement within the network. The attacker would need to be an authenticated user with the "System -> Add/Edit custom modules and templates" permission. Successful exploitation involves manipulating Twig filters within the module templating system to execute arbitrary server-side functions. Given Xibo's use in digital signage deployments, attackers could potentially manipulate displayed content or gain access to sensitive data stored within the CMS.
This vulnerability was publicly disclosed on 2025-11-04. No public proof-of-concept (PoC) code has been released at the time of writing. The vulnerability's severity is rated HIGH (CVSS 7.2). It is not currently listed on the CISA KEV catalog.
Exploit Status
EPSS: 0.55% (68th percentile)
The primary mitigation is to upgrade Xibo CMS to version 4.3.1 or later, which contains the fix for this vulnerability. If upgrading immediately is not possible, apply the patch commits from versions 4.1 and 4.2 as a temporary workaround. These commits address the underlying issue. Review user permissions to ensure that only authorized personnel have access to the "System -> Add/Edit custom modules and templates" functionality. Consider implementing a Web Application Firewall (WAF) with rules to detect and block malicious attempts to manipulate Twig filters.
Update Xibo CMS to version 4.3.1 or later. Alternatively, apply the patches for versions 4.1 and 4.2 that are available in the commits listed in the CVE references. This resolves the remote code execution vulnerability.
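As an added illustration of the "restrict what user-authored templates can do" idea behind the mitigations above, the following PHP snippet renders an untrusted module template inside Twig's sandbox with an allowlist of tags and filters. This is example code, not Xibo's own implementation or its patch; the allowlist contents and the `renderUntrustedTemplate` helper are assumptions chosen for the example.

```php
<?php
// Added example (not Xibo CMS code): render a template supplied by a CMS user
// inside a Twig sandbox so that only an allowlisted set of tags and filters is
// available. The allowlist below is illustrative; tune it to your templates.
require __DIR__ . '/vendor/autoload.php';

use Twig\Environment;
use Twig\Loader\ArrayLoader;
use Twig\Extension\SandboxExtension;
use Twig\Sandbox\SecurityPolicy;
use Twig\Sandbox\SecurityError;

/**
 * Render an untrusted template under a restrictive security policy.
 * Returns the rendered string, or throws SecurityError when the template
 * uses a tag, filter, function, method or property outside the allowlist.
 */
function renderUntrustedTemplate(string $source, array $vars): string
{
    $policy = new SecurityPolicy(
        ['if', 'for', 'set'],                           // allowed tags
        ['escape', 'upper', 'lower', 'date', 'length'], // allowed filters
        [],                                             // allowed methods (none)
        [],                                             // allowed properties (none)
        []                                              // allowed functions (none)
    );

    $twig = new Environment(new ArrayLoader(['tpl' => $source]), [
        'autoescape' => 'html',
    ]);
    // Second argument true: every template is sandboxed, not only {% sandbox %}.
    $twig->addExtension(new SandboxExtension($policy, true));

    return $twig->render('tpl', $vars);
}

// Constructed samples: one benign template, one using a filter that is not
// on the allowlist ('reverse' is harmless here; the point is the policy check).
$benign  = '<h1>{{ title|upper }}</h1>';
$blocked = '<p>{{ title|reverse }}</p>';

echo renderUntrustedTemplate($benign, ['title' => 'Lobby screen']), PHP_EOL;

try {
    renderUntrustedTemplate($blocked, ['title' => 'Lobby screen']);
} catch (SecurityError $e) {
    // Log and reject: the template asked for something outside the policy.
    echo 'Rejected template: ', $e->getMessage(), PHP_EOL;
}
```

The first call prints the escaped heading; the second is rejected with a SecurityNotAllowedFilterError for `reverse`, which is the behaviour you want for any template text that non-administrators can author.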
CVE-2025-62369 is a Remote Code Execution vulnerability in Xibo CMS versions 4.3.0 and below. It allows authenticated users with specific permissions to execute arbitrary code on the server.
You are affected if you are running Xibo CMS versions 4.3.0 or earlier and have users with "System -> Add/Edit custom modules and templates" permissions.
Upgrade Xibo CMS to version 4.3.1 or later. As a temporary workaround, apply the patch commits from versions 4.1 and 4.2.
There is no confirmed active exploitation of CVE-2025-62369 at this time, but it is a HIGH severity vulnerability and should be addressed promptly.
Refer to the official Xibo CMS security advisory for detailed information and updates: [https://xibo.org/security/advisories](https://xibo.org/security/advisories)