CVE-2025-67171

Name of the Vulnerable Software and Affected Versions RiteCMS version 3.1.0

Description A flaw exists in the access control mechanism within the /templates/ component. This allows attackers to access sensitive files through directory traversal techniques. The affected component is the /templates/ API endpoint. Attackers can exploit this by manipulating directory paths to gain unauthorized access to files.

Recommendations Update RiteCMS to a version that addresses this access control issue. As a temporary workaround, restrict access to the /templates/ component to minimize the risk of unauthorized file access.