How severe is CVE-2025-52122?

CVE-2025-52122 has a CVSS v3 score of 9.8 (CRITICAL).

CVE-2025-52122

Name: freeform
Author: solspace

9.8CRITICAL

Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code injection for all users that have access to editin

公開日: 8/27/2025更新日: 9/9/2025

説明

Freeform 5.0.0 to before 5.10.16, a plugin for CraftCMS, contains an Server-side template injection (SSTI) vulnerability, resulting in arbitrary code injection for all users that have access to editing a form (submission title).

AI分析AIによる分析

影響を受ける製品

solspacefreeform

参照

https://github.com/TimTrademark/CVE-2025-52122
ExploitThird Party Advisory
https://github.com/TimTrademark/CVE-CraftCMS-Freeform
ExploitThird Party Advisory