CVE-2025-65956

Formwork is a flat file-based Content Management System (CMS). Prior to version 2.2.0, inserting unsanitized data into the blog tag field results in stored cross‑site scripting (XSS). Any user with credentials to the Formwork CMS who accesses or edits an affected blog post will have attacker‑controlled script executed in their browser. The issue is persistent and impacts privileged administrative workflows. This issue has been patched in version 2.2.0.

CVSS v3 6.5 MEDIUM

6.5^/10

CVSS v3 : MEDIUM

Vector :

Exploitability : 2.3 / Impact : 3.7

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required LOW

User Interaction REQUIRED

Confidentiality Impact LOW

Integrity Impact LOW

Availability Impact LOW

Scope CHANGED

References

Link	Resource
https://github.com/getformwork/formwork/commit/4abcd60ae7692b46d316f956b0b20fb85336f3b2	Patch
https://github.com/getformwork/formwork/pull/791	Issue Tracking Patch
https://github.com/getformwork/formwork/security/advisories/GHSA-7j46-f57w-76pj	Exploit Third Party Advisory
https://github.com/getformwork/formwork/security/advisories/GHSA-7j46-f57w-76pj	Exploit Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:formwork_project:formwork:*:*:*:*:*:*:*:*

History

No history.

Information

Published : 2025-11-26 00:15

Updated : 2025-12-03 20:30

NVD link : CVE-2025-65956

Mitre link : CVE-2025-65956

CVE.ORG link : CVE-2025-65956

JSON object : View

Products Affected

formwork_project

formwork

CWE

CWE-79

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

{"id": "CVE-2025-65956", "cveTags": [], "metrics": {"cvssMetricV31": [{"type": "Secondary", "source": "security-advisories@github.com", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 6.5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:L", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "LOW", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 3.7, "exploitabilityScore": 2.3}, {"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"scope": "CHANGED", "version": "3.1", "baseScore": 5.4, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "REQUIRED", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "impactScore": 2.7, "exploitabilityScore": 2.3}]}, "published": "2025-11-26T00:15:50.770", "references": [{"url": "https://github.com/getformwork/formwork/commit/4abcd60ae7692b46d316f956b0b20fb85336f3b2", "tags": ["Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/getformwork/formwork/pull/791", "tags": ["Issue Tracking", "Patch"], "source": "security-advisories@github.com"}, {"url": "https://github.com/getformwork/formwork/security/advisories/GHSA-7j46-f57w-76pj", "tags": ["Exploit", "Third Party Advisory"], "source": "security-advisories@github.com"}, {"url": "https://github.com/getformwork/formwork/security/advisories/GHSA-7j46-f57w-76pj", "tags": ["Exploit", "Third Party Advisory"], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Secondary", "source": "security-advisories@github.com", "description": [{"lang": "en", "value": "CWE-79"}]}], "descriptions": [{"lang": "en", "value": "Formwork is a flat file-based Content Management System (CMS). Prior to version 2.2.0, inserting unsanitized data into the blog tag field results in stored cross\u2011site scripting (XSS). Any user with credentials to the Formwork CMS who accesses or edits an affected blog post will have attacker\u2011controlled script executed in their browser. The issue is persistent and impacts privileged administrative workflows. This issue has been patched in version 2.2.0."}], "lastModified": "2025-12-03T20:30:01.750", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:formwork_project:formwork:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "623A8C3D-B50D-4064-BD68-9ECD31ECF62F", "versionEndExcluding": "2.2.0"}], "operator": "OR"}]}], "sourceIdentifier": "security-advisories@github.com"}