CVE-2025-65271
Published: 08 December 2025
Summary
CVE-2025-65271 is a high-severity Code Injection (CWE-94) vulnerability in Azuriom CMS (vendor: Azuriom). Its CVSS base score is 8.8 (High).
Operationally, exploitation maps to the MITRE ATT&CK technique Exploitation for Privilege Escalation (T1068). Its exploit-likelihood ranking sits at the 22.6th percentile (below the median), and it is not currently listed in the CISA KEV catalog.
The strongest mitigations our analysis identified are NIST 800-53 SI-10 (Information Input Validation) and SI-15 (Information Output Filtering).
Deeper analysis
CVE-2025-65271 is a client-side template injection (CSTI) vulnerability in the admin dashboard of Azuriom CMS, a content management system. It affects versions prior to 1.2.7 and is classified under CWE-94 (Improper Control of Generation of Code ('Code Injection')). The issue arises when plugins or dashboard components render untrusted user input without proper sanitization, so that text supplied by a user is treated as template source and the template expressions embedded in it are evaluated rather than displayed. The vulnerability carries a CVSS v3.1 base score of 8.8 (AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H), reflecting network reachability, low attack complexity, and high impact on confidentiality, integrity, and availability. One caveat when reading the vector: UI:N sits uneasily with the exploitation path described below, which depends on an administrator viewing the injected content; the factor that matters most for triage is PR:L, meaning any authenticated low-privilege account can plant the payload.
A low-privilege user exploits this by submitting a crafted value through an affected plugin or dashboard component, for example a field that the admin dashboard later displays. When an administrator views that content, the injected template expressions are evaluated by the administrator's browser inside the authenticated admin session, so they run with whatever that session can do. From there the attacker can perform administrative actions or capture session material, escalating to full administrative control of the CMS instance.
Azuriom addressed the vulnerability in version 1.2.7, with the specific fix implemented in commit 0289175547319add814dcb526e8ba034f1ebc3ec in the project's GitHub repository (https://github.com/Azuriom/Azuriom). Security practitioners should advise upgrading to Azuriom 1.2.7 or later and reviewing custom plugins and dashboard widgets for the same pattern: user-supplied values concatenated into template source rather than passed to an already-compiled template as data and escaped on output. Additional details are documented in the CVE advisory repository at https://github.com/1337Skid/CVE-2025-65271.
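To make the failure mode concrete, the following is an added example written for this page; it is not Azuriom's code and not taken from the fix commit. It builds a tiny expression-based client-side template engine of the kind CSTI affects, then shows two ways a dashboard widget might use it: one that splices a low-privilege user's display name into the template source before compiling it, and one that keeps the template constant, passes the value in as data, and HTML-escapes it on output (the SI-15 layer), alongside an allowlist validator (the SI-10 layer). The engine, the `displayName` field, the widget functions and the `adminSessionToken` global are all hypothetical; the `{{ 7*7 }}` probe and the constructor-chain escape are generic CSTI patterns, not payloads from the advisory.

```javascript
// Added example for this page (not Azuriom's code). Demonstrates why
// untrusted data must never become template SOURCE in an expression-based
// client-side template engine, and what the fixed pattern looks like.

// Minimal {{ expr }} template engine. Each expression is turned into
// JavaScript and evaluated with the scope's keys bound as local names,
// which is how expression-based engines let templates write {{ user.name }}.
function compileTemplate(template) {
  const re = /\{\{(.+?)\}\}/g;
  const pieces = [];
  let last = 0;
  let m;
  while ((m = re.exec(template)) !== null) {
    pieces.push(JSON.stringify(template.slice(last, m.index)));
    pieces.push(`(${m[1].trim()})`);
    last = re.lastIndex;
  }
  pieces.push(JSON.stringify(template.slice(last)));
  const body = `return [${pieces.join(", ")}].join("");`;
  return function render(scope) {
    const names = Object.keys(scope);
    return new Function(...names, body)(...names.map((k) => scope[k]));
  };
}

// Constructed stand-in for something only reachable in the administrator's
// browser context (think document.cookie or an in-page API token).
const ADMIN_SECRET = "constructed-admin-session-token";
globalThis.adminSessionToken = ADMIN_SECRET;

// VULNERABLE widget: the untrusted value is spliced into the template source
// and only then compiled, so {{ ... }} inside the value becomes code.
function renderUserCardVulnerable(displayName) {
  const template = `<div class="card">Welcome, ${displayName}</div>`;
  return compileTemplate(template)({});
}

// Classic CSTI probe: if "49" comes back, expressions are being evaluated.
const PROBE_PAYLOAD = "{{ 7*7 }}";
// Generic escape from the expression scope to the global object via the
// Function constructor; here it reads the constructed admin secret.
const ESCAPE_PAYLOAD =
  '{{ "".constructor.constructor("return globalThis.adminSessionToken")() }}';

// SI-15 layer: HTML-escape anything that reaches the output.
function escapeHtml(s) {
  const map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(s).replace(/[&<>"']/g, (c) => map[c]);
}

// HARDENED widget: the template is developer-authored and compiled once;
// user data enters only through the scope, after compilation, and is escaped.
const renderUserCardTemplate = compileTemplate(
  '<div class="card">Welcome, {{ escapeHtml(displayName) }}</div>'
);
function renderUserCardSafe(displayName) {
  return renderUserCardTemplate({ escapeHtml, displayName });
}

// SI-10 layer (defense in depth): allowlist what a display name may contain,
// so template syntax and markup are rejected at the input boundary.
function validateDisplayName(displayName) {
  return /^[\p{L}\p{N} _.-]{1,32}$/u.test(displayName);
}

console.log("vulnerable, probe :", renderUserCardVulnerable(PROBE_PAYLOAD));
console.log("vulnerable, escape:", renderUserCardVulnerable(ESCAPE_PAYLOAD));
console.log("hardened, escape  :", renderUserCardSafe(ESCAPE_PAYLOAD));
console.log("validate(escape)  :", validateDisplayName(ESCAPE_PAYLOAD));
```

The two widgets differ only in where the user's value enters: as part of the string that is compiled, or as an argument to an already-compiled render function. That structural separation is what closes the CSTI; output escaping then keeps the same value from becoming markup, and the validator rejects the obviously hostile input before it is stored at all. When reviewing a plugin, look for the first shape (template strings built with concatenation or interpolation of stored user data) rather than for specific payload strings.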
EU & UK References
- 🇪🇺 ENISA EUVD: EUVD-2025-201795
Vulnerability details
Client-side template injection (CSTI) in the Azuriom CMS admin dashboard allows a low-privilege user to execute arbitrary template code in the context of an administrator's session. This can occur via plugins or dashboard components that render untrusted user input, potentially enabling privilege escalation to an administrative account. Fixed in Azuriom 1.2.7.
- CWE(s): CWE-94 (Improper Control of Generation of Code ('Code Injection'))
Related Threats
MITRE ATT&CK Enterprise Techniques
Why these techniques?
The client-side template injection (CSTI) vulnerability is a client-side rendering flaw, so it maps to Exploitation for Client Execution (T1203) and Template Injection (T1221) in the admin dashboard: arbitrary template code executes in an administrator's session context, which in turn enables Exploitation for Privilege Escalation (T1068).
Affected Assets
Azuriom CMS, all versions prior to 1.2.7 (fixed in 1.2.7).
Mitigating Controls (NIST 800-53 r5)
SI-10 (Information Input Validation): Directly prevents client-side template injection by validating and sanitizing untrusted input from low-privilege users before it is stored, processed, or rendered in admin dashboard templates.
SI-15 (Information Output Filtering): Mitigates execution of injected template code by filtering and encoding content in information outputs delivered to administrators' browser sessions, so user-supplied values are rendered as data rather than evaluated as template source.
SI-2 (Flaw Remediation): Addresses the specific vulnerability through timely flaw remediation, namely upgrading to Azuriom 1.2.7, which patches the unsanitized rendering in plugins and dashboard components.