CVE-2025-12868

Name of the Vulnerable Software and Affected Versions New Site Server (affected versions not specified)

Description New Site Server, developed by CyberTutor, is affected by a Use of Client-Side Authentication issue. This allows unauthenticated remote attackers to modify the frontend code, potentially gaining administrator privileges on the website. The modification of frontend code enables attackers to bypass authentication controls and achieve complete control over the website’s administrative functions.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.