CVE-2025-11165

Name of the Vulnerable Software and Affected Versions dotCMS (affected versions not specified)

Description A security issue exists in dotCMS’s Velocity scripting engine (VTools) that allows authenticated users with scripting privileges to bypass class and package restrictions enforced by SecureUberspectorImpl. By dynamically modifying the Velocity engine’s runtime configuration and reinitializing its Uberspect, an attacker can remove the introspector.restrict.classes and introspector.restrict.packages protections. Once these restrictions are cleared, the attacker can access arbitrary Java classes, including java.lang.Runtime, and execute arbitrary system commands under the privileges of the application process. The affected API endpoints and variables are not specified.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.