CVE-2025-29306

Name of the Vulnerable Software and Affected Versions FoxCMS version 1.2.5

Description An issue in FoxCMS allows a remote attacker to execute arbitrary code via the case display page in the index.html component. The vulnerability is related to a remote code execution issue.

Recommendations For FoxCMS version 1.2.5, as a temporary workaround, consider disabling the index.html component until a patch is available. Restrict access to the case display page to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.