Description

dotCMS versions 24.03.22 and after, identified a Boolean-based blind SQLi vulnerability in the /api/v1/contenttype endpoint. This endpoint uses the sites query parameter, which accepts a comma-separated list of site identifiers or keys. The vulnerability was triggered via the sites parameter, which was directly concatenated into a SQL query without proper sanitization. Exploitation allowed an authenticated attacker with low privileges to extract data from database, perform privilege escalation, or trigger denial-of-service conditions. The vulnerability was verified using tools such as SQLMap and confirmed to allow full database exfiltration and potential denial-of-service conditions via crafted payloads. The vulnerability is fixed in the following versions of dotCMS stack: 25.08.14 / 25.07.10-1v2 LTS / 24.12.27v10 LTS / 24.04.24v21 LTS

INFO

Published Date :

2025-09-04T14:12:42.176Z

Last Modified :

2025-09-09T15:00:33.959Z

Source :

dotCMS
AFFECTED PRODUCTS

The following products are affected by CVE-2025-8311 vulnerability.

Vendors Products
Dotcms
  • Dotcms
REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2025-8311.

URL Resource
https://dev.dotcms.com/docs/known-security-issues?issueNumber=SI-73 cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Attack Requirements
Privileges Required
User Interaction
VS Confidentiality
VS Integrity
VS Availability
SS Confidentiality
SS Integrity
SS Availability