VulnerableCode Vulnerability Details

Staging Environment: Content and features may be unstable or change without notice.

Search for vulnerabilities

Vulnerability details: VCID-tchf-hfgv-e3ca

Essentials
Severities (20)
References (9)
Severity details (18)
Exploits (0)
EPSS
History (1)

Vulnerability ID	VCID-tchf-hfgv-e3ca
Aliases	CVE-2025-65960 GHSA-98vj-mm79-v77r
Summary	Contao is an Open Source CMS. From version 4.0.0 to before 4.13.57, before 5.3.42, and before 5.6.5, back end users with precise control over the contents of template closures can execute arbitrary PHP functions that do not have required parameters. This issue has been patched in versions 4.13.57, 5.3.42, and 5.6.5. A workaround for this issue involves manually patching the Contao\Template::once() method.
Status	Published
Exploitability	0.5
Weighted Severity	6.2
Risk	3.1
Affected and Fixed Packages	Package Details

Weaknesses (3)

CWE-351	Insufficient Type Distinction
CWE-937	OWASP Top Ten 2013 Category A9 - Using Components with Known Vulnerabilities
CWE-1035	OWASP Top Ten 2017 Category A9 - Using Components with Known Vulnerabilities

System	Score	Found at
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2025-65960
epss	0.0002	https://api.first.org/data/v1/epss?cve=CVE-2025-65960
cvssv3.1	6.6	https://contao.org/en/security-advisories/remote-code-execution-in-template-closures
generic_textual	MODERATE	https://contao.org/en/security-advisories/remote-code-execution-in-template-closures
ssvc	Track	https://contao.org/en/security-advisories/remote-code-execution-in-template-closures
cvssv3.1_qr	MODERATE	https://github.com/advisories/GHSA-98vj-mm79-v77r
cvssv3.1	6.6	https://github.com/contao/contao
generic_textual	MODERATE	https://github.com/contao/contao
cvssv3.1	6.6	https://github.com/contao/contao/commit/577d7fdd5b1ca84f65f034ff556865422f0a3bd1
generic_textual	MODERATE	https://github.com/contao/contao/commit/577d7fdd5b1ca84f65f034ff556865422f0a3bd1
cvssv3.1	6.6	https://github.com/contao/contao/commit/676f0855d39007ac9a0dbe7ae6a7414cba2312a5
generic_textual	MODERATE	https://github.com/contao/contao/commit/676f0855d39007ac9a0dbe7ae6a7414cba2312a5
cvssv3.1	6.6	https://github.com/contao/contao/commit/ebf84c90e5679a67060f396b924ce4a3c3f206b3
generic_textual	MODERATE	https://github.com/contao/contao/commit/ebf84c90e5679a67060f396b924ce4a3c3f206b3
cvssv3.1	6.6	https://github.com/contao/contao/security/advisories/GHSA-98vj-mm79-v77r
cvssv3.1_qr	MODERATE	https://github.com/contao/contao/security/advisories/GHSA-98vj-mm79-v77r
generic_textual	MODERATE	https://github.com/contao/contao/security/advisories/GHSA-98vj-mm79-v77r
ssvc	Track	https://github.com/contao/contao/security/advisories/GHSA-98vj-mm79-v77r
cvssv3.1	6.6	https://nvd.nist.gov/vuln/detail/CVE-2025-65960
generic_textual	MODERATE	https://nvd.nist.gov/vuln/detail/CVE-2025-65960

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2025-65960
		https://github.com/contao/contao
		https://github.com/contao/contao/commit/577d7fdd5b1ca84f65f034ff556865422f0a3bd1
		https://github.com/contao/contao/commit/676f0855d39007ac9a0dbe7ae6a7414cba2312a5
		https://github.com/contao/contao/commit/ebf84c90e5679a67060f396b924ce4a3c3f206b3
CVE-2025-65960		https://nvd.nist.gov/vuln/detail/CVE-2025-65960
GHSA-98vj-mm79-v77r		https://github.com/advisories/GHSA-98vj-mm79-v77r
GHSA-98vj-mm79-v77r		https://github.com/contao/contao/security/advisories/GHSA-98vj-mm79-v77r
remote-code-execution-in-template-closures		https://contao.org/en/security-advisories/remote-code-execution-in-template-closures

No exploits are available.

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://contao.org/en/security-advisories/remote-code-execution-in-template-closures

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-25T19:59:53Z/ Found at https://contao.org/en/security-advisories/remote-code-execution-in-template-closures

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/contao/contao

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/contao/contao/commit/577d7fdd5b1ca84f65f034ff556865422f0a3bd1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/contao/contao/commit/676f0855d39007ac9a0dbe7ae6a7414cba2312a5

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/contao/contao/commit/ebf84c90e5679a67060f396b924ce4a3c3f206b3

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://github.com/contao/contao/security/advisories/GHSA-98vj-mm79-v77r

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-11-25T19:59:53Z/ Found at https://github.com/contao/contao/security/advisories/GHSA-98vj-mm79-v77r

Vector: CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H Found at https://nvd.nist.gov/vuln/detail/CVE-2025-65960

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Attack Vector (AV)

Attack Complexity (AC)

Privileges Required (PR)

User Interaction (UI)

Scope (S)

Confidentiality Impact (C)

Integrity Impact (I)

Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none

Exploit Prediction Scoring System (EPSS)

Percentile	0.05759
EPSS Score	0.0002
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T16:57:38.734102+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2025/65xxx/CVE-2025-65960.json	38.6.0