CVE-2025-69437: n/a
CVE-2025-69437 is a high-severity stored Cross-Site Scripting (XSS) vulnerability affecting PublicCMS version 5.202506.d and earlier. The vulnerability arises because uploaded PDF files can contain embedded JavaScript payloads that bypass backend PDF security checks in CmsFileUtils.java. When a user uploads a malicious PDF and views it, the embedded script executes, potentially leading to credential theft, arbitrary API execution, and other security issues. This affects all file upload endpoints such as /cmsTemplate/save, /file/doUpload, and others. Exploitation requires user interaction and privileges to upload files, but no administrative privileges are explicitly required. The vulnerability has a CVSS score of 8.7, indicating high severity, with a vector showing network attack, low complexity, privileges required, user interaction, and high impact on confidentiality and integrity.
AI Analysis
Technical Summary
CVE-2025-69437 is a stored Cross-Site Scripting (XSS) vulnerability in PublicCMS v5.202506.d and earlier versions. The root cause lies in the insufficient validation of uploaded PDF files within the backend CmsFileUtils.java component. Attackers can craft PDF documents containing embedded JavaScript payloads that bypass the CMS's PDF security checks. When such a malicious PDF is uploaded through any of the affected file upload endpoints (/cmsTemplate/save, /file/doUpload, /cmsTemplate/doUpload, /file/doBatchUpload, /cmsWebFile/doUpload), the payload is stored persistently. Upon a user viewing the PDF within the CMS interface, the embedded JavaScript executes in the context of the victim’s browser session. This can lead to credential theft, unauthorized API calls, session hijacking, and other malicious activities compromising confidentiality and integrity. The vulnerability requires the attacker to have privileges to upload files and the victim to interact with the malicious content, but it does not require administrative privileges or complex exploitation techniques. The CVSS 3.1 score of 8.7 reflects the high impact on confidentiality and integrity, low attack complexity, and the need for user interaction. No patches or mitigations are currently linked, and no known exploits have been reported in the wild, but the vulnerability poses a significant risk to organizations relying on PublicCMS for content management.
Potential Impact
The impact of CVE-2025-69437 is significant for organizations using vulnerable versions of PublicCMS. Successful exploitation can lead to theft of user credentials, enabling attackers to escalate privileges or gain unauthorized access to sensitive systems. Arbitrary API execution can allow attackers to manipulate backend services, potentially leading to data breaches, unauthorized data modification, or disruption of CMS functionality. The persistent nature of stored XSS means that multiple users can be affected once the malicious PDF is uploaded. This can erode trust in the CMS platform, cause data integrity issues, and expose organizations to regulatory and compliance risks. Given the widespread use of PublicCMS in various sectors, including government, education, and enterprises, the vulnerability could be leveraged for targeted attacks or broader campaigns. The requirement for user interaction and privileges to upload files somewhat limits the attack surface but does not eliminate the risk, especially in environments with many users or weak access controls.
Mitigation Recommendations
To mitigate CVE-2025-69437, organizations should implement the following specific measures:
1) Immediately restrict or disable file upload functionality for non-trusted users until a patch is available.
2) Implement strict validation and sanitization of uploaded PDF files, including using specialized PDF parsing libraries that can detect and remove embedded JavaScript or other active content.
3) Employ Content Security Policy (CSP) headers to limit the execution of inline scripts and reduce the impact of XSS attacks.
4) Monitor and audit file uploads and user activity to detect suspicious behavior or anomalous file types.
5) Educate users about the risks of interacting with untrusted content within the CMS.
6) Segregate CMS user roles to minimize the number of users with file upload privileges.
7) Regularly update PublicCMS to the latest version once a patch addressing this vulnerability is released.
8) Consider implementing runtime application self-protection (RASP) or web application firewalls (WAF) with rules targeting PDF-based XSS payloads.
These steps go beyond generic advice by focusing on PDF-specific validation and user privilege management tailored to the vulnerability’s exploitation vector.
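A defensive check of the kind item 2 calls for, added here as an example and not PublicCMS's own CmsFileUtils logic: it flags the PDF name objects that carry active content, resolving #xx name escapes and inflating FlateDecode streams so that an indicator hidden inside a compressed object stream is still seen. The indicator list and the sample file are constructed assumptions for this example.

```python
import re
import zlib

# Names whose presence signals active content in a PDF. This indicator list is
# an assumption for the example, not PublicCMS's own check list.
ACTIVE_CONTENT_NAMES = (b"/JavaScript", b"/JS", b"/OpenAction", b"/AA", b"/Launch")

# A PDF name may spell any character as #xx (ISO 32000-1, 7.3.5), so
# "/J#61vaScript" is the same name as "/JavaScript": resolve escapes first.
_HEX_ESCAPE = re.compile(rb"#([0-9A-Fa-f]{2})")
_STREAM = re.compile(rb"stream\r?\n(.*?)endstream", re.DOTALL)


def _normalize_names(data: bytes) -> bytes:
    return _HEX_ESCAPE.sub(lambda m: bytes([int(m.group(1), 16)]), data)


def _inflate_streams(data: bytes) -> bytes:
    """Concatenate every stream zlib can inflate: dictionaries carried in a
    FlateDecode object stream (/ObjStm) never appear in the raw bytes."""
    chunks = []
    for m in _STREAM.finditer(data):
        try:  # decompressobj tolerates the EOL left before "endstream"
            chunks.append(zlib.decompressobj().decompress(m.group(1)))
        except zlib.error:
            pass  # not FlateDecode or corrupt; the raw bytes are still scanned
    return b"\n".join(chunks)


def find_active_content(pdf: bytes) -> list[str]:
    """Return the indicator names found in raw bytes or inflated streams,
    each with #xx escapes resolved; an empty list means none were seen."""
    haystack = _normalize_names(pdf) + b"\n" + _normalize_names(_inflate_streams(pdf))
    found = []
    for name in ACTIVE_CONTENT_NAMES:
        # Require a delimiter after the name so "/JS" does not match "/JSX".
        if re.search(re.escape(name) + rb"(?![A-Za-z0-9])", haystack):
            found.append(name.decode())
    return found


def build_sample(active: bool) -> bytes:
    """Constructed sample upload (not a real PublicCMS file) for a stand-alone run."""
    catalog = b"<< /Type /Catalog /Pages 2 0 R"
    if active:  # escaped name, hidden inside a compressed object stream
        catalog += b" /OpenAction << /S /J#61vaScript /JS 5 0 R >>"
    objstm = zlib.compress(catalog + b" >>")
    return (b"%PDF-1.7\n1 0 obj\n<< /Type /ObjStm /Filter /FlateDecode /Length "
            + str(len(objstm)).encode() + b" >>\nstream\n" + objstm
            + b"\nendstream\nendobj\n%%EOF\n")
```

Treat a non-empty result as grounds to reject the upload; an empty result only means none of the listed names were present, so it complements rather than replaces parsing with a full PDF library.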
Affected Countries
United States, China, Germany, India, United Kingdom, France, Japan, South Korea, Brazil, Russia, Australia, Canada
Technical Details
- Data Version: 5.2
- Assigner Short Name: mitre
- Date Reserved: 2026-01-09T00:00:00.000Z
- CVSS Version: 3.1
- State: PUBLISHED
Threat ID: 69a1f6db32ffcdb8a26bc2eb
Added to database: 2/27/2026, 7:56:11 PM
Last enriched: 2/27/2026, 8:10:28 PM
Last updated: 2/27/2026, 10:13:21 PM