Cyber Resilience

CVE-2025-65868

Severity: High · Public PoC

Published: 03 December 2025
Modified: 16 December 2025
KEV Added: not listed (the CVE is not in the CISA KEV catalog)
Patch: none referenced
CVSS v3.1 score: 7.5 (vector CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H)
EPSS score: 0.0016 (37.0th percentile)
Risk priority: 15 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2025-65868 is a high-severity Improper Restriction of XML External Entity Reference (CWE-611) vulnerability in Eyoucms Eyoucms. Its CVSS base score is 7.5 (High).

Operationally, exploitation maps to the MITRE ATT&CK technique Application or System Exploitation (T1499.004). EPSS ranks the CVE at the 37.0th percentile for exploit likelihood (below the median), it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

The strongest mitigations our analysis identified are NIST 800-53 SC-5 (Denial-of-service Protection) and SI-10 (Information Input Validation).

Deeper analysis

CVE-2025-65868 is an XML external entity (XXE) injection vulnerability, mapped to CWE-611, affecting eyoucms version 1.7.1. Published on 2025-12-03, it allows remote attackers to trigger a denial of service condition by sending a POST request with a specially crafted body that exploits improper XML parsing.

The vulnerability carries a CVSS v3.1 base score of 7.5 (High), with the vector AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H. Any unauthenticated attacker with network access can exploit it with low attack complexity and no user interaction, achieving high-impact disruption to availability while leaving confidentiality and integrity unaffected.

Details on the vulnerability are reported in GitHub issue #66 on the eyoucms repository (https://github.com/weng-xianhu/eyoucms/issues/66). No specific patch or mitigation guidance is detailed in the provided references.

Vulnerability details

XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.

CWE(s): CWE-611 Improper Restriction of XML External Entity Reference

Related Threats

MITRE ATT&CK Enterprise Techniques (AI-mapped)

T1499.004 Application or System Exploitation (tactic: Impact)
Adversaries may exploit software vulnerabilities that can cause an application or system to crash and deny availability to users.
Why these techniques?

XXE vulnerability in public-facing web application enables denial of service via application exploitation.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

CVEs Like This One

CVE-2026-1107 (same product: Eyoucms Eyoucms)
CVE-2024-46603 (shared CWE-611)
CVE-2024-46602 (shared CWE-611)
CVE-2026-26171 (shared CWE-611)
CVE-2025-10713 (shared CWE-611)
CVE-2026-24400 (shared CWE-611)
CVE-2025-12531 (shared CWE-611)
CVE-2025-36247 (shared CWE-611)
CVE-2026-40682 (shared CWE-611)
CVE-2026-41066 (shared CWE-611)

Affected Assets

Vendor: eyoucms
Product: eyoucms
Version: 1.7.1

Mitigating Controls

Mitigating Controls (NIST 800-53 r5, AI-mapped)

SI-10 Information Input Validation [prevent]: requires validation of information inputs, directly preventing XXE injection by rejecting or sanitizing crafted XML payloads in POST requests.

SC-5 Denial-of-service Protection [prevent, detect]: protects against denial-of-service events such as resource exhaustion from XXE entity expansion attacks.

SI-2 Flaw Remediation [prevent]: ensures timely remediation of flaws such as the XML parsing vulnerability in eyoucms v1.7.1.
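As an added example (not eyoucms code and not from this advisory), the SI-10 input-validation gate and the SC-5 protection against entity expansion described above, shown in Python rather than the CMS's own PHP: any XML POST body that declares a DOCTYPE, an entity or an external entity reference is rejected before it reaches the application's parser, so neither external entity resolution nor entity expansion can be triggered. The function names, the size limit and the sample bodies are assumptions made for the example.

```python
import xml.parsers.expat as expat
import xml.etree.ElementTree as ET

MAX_BODY_BYTES = 64 * 1024  # assumed per-request ceiling (SC-5)


class XmlRejected(ValueError):
    """Body failed the DTD/entity checks."""


def _reject(reason):
    def handler(*_args):           # expat passes varying arguments
        raise XmlRejected(reason)  # propagates out of parser.Parse()
    return handler


def check_xml_body(body: bytes) -> None:
    """Raise XmlRejected if the body uses any DTD or entity feature."""
    if len(body) > MAX_BODY_BYTES:
        raise XmlRejected("body exceeds size limit")
    parser = expat.ParserCreate()
    # Entities can only be declared inside a DOCTYPE, so refusing the
    # DOCTYPE closes both the external-entity and the expansion path.
    parser.StartDoctypeDeclHandler = _reject("DOCTYPE not allowed")
    parser.EntityDeclHandler = _reject("entity declaration not allowed")
    parser.ExternalEntityRefHandler = _reject("external entity not allowed")
    try:
        parser.Parse(body, True)
    except expat.ExpatError as exc:
        raise XmlRejected(f"malformed XML: {exc}") from exc


def validate_xml_body(body: bytes) -> tuple[bool, str]:
    """Return (accepted, reason); a rejection maps to HTTP 400 plus a log line."""
    try:
        check_xml_body(body)
    except XmlRejected as exc:
        return False, str(exc)
    return True, "ok"


def parse_post_body(body: bytes) -> ET.Element:
    """Validate first, then hand the body to the normal parser."""
    check_xml_body(body)
    return ET.fromstring(body)


# Constructed sample bodies, not taken from the advisory or the PoC.
BENIGN_BODY = b'<?xml version="1.0"?><order><id>42</id></order>'
ENTITY_EXPANSION_BODY = (b'<!DOCTYPE order [<!ENTITY a "aaaa">'
                         b'<!ENTITY b "&a;&a;&a;&a;">]><order><id>&b;</id></order>')
EXTERNAL_ENTITY_BODY = (b'<!DOCTYPE order [<!ENTITY ext SYSTEM '
                        b'"http://placeholder.invalid/x">]><order>&ext;</order>')
```

Logging the rejection reason gives the SC-5 detection signal: a burst of "DOCTYPE not allowed" rejections from one source is an attempted XXE, not a client bug.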

References

GitHub issue #66 on the eyoucms repository: https://github.com/weng-xianhu/eyoucms/issues/66