CVE-2025-69237

EUVD ID: EUVD-2025-208701
Severity: MEDIUM, 5.1 (CVSS 4.0)
Published: 2026-03-16, CNA: CERT-PL

CVSS Vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Attack Vector: Network
Attack Complexity: Low
Privileges Required: Low
User Interaction: Passive (P)

Lifecycle Timeline

- Analysis Generated: Mar 16, 2026 - 12:00 (vuln.today)
- EUVD ID Assigned: Mar 16, 2026 - 12:00 (euvd), EUVD-2025-208701
- CVE Published: Mar 16, 2026 - 11:53 (nvd)

Description

Raytha CMS is vulnerable to Stored XSS via the FieldValues[0].Value parameter in the page creation functionality. An authenticated attacker with permission to create content can inject arbitrary HTML and JavaScript into the website, which is rendered and executed when the edited page is visited. This issue was fixed in version 1.4.6.

Analysis

Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the page creation functionality through the FieldValues[0].Value parameter, allowing authenticated attackers with content creation permissions to inject malicious HTML and JavaScript that executes when other users visit the edited page. The vulnerability affects Raytha CMS versions prior to 1.4.6 and has a CVSS score of 5.1, with limited scope impact because authentication and user interaction are required. While not currently listed in CISA's Known Exploited Vulnerabilities catalog, the low attack complexity and the availability of a vendor patch make this a moderate but manageable risk for deployed instances.

Technical Context

This vulnerability is an instance of Stored XSS (CWE-79: Improper Neutralization of Input During Web Page Generation) in a content management system. Raytha CMS fails to properly sanitize or encode user-supplied input in the FieldValues parameter during page creation operations, allowing arbitrary HTML and JavaScript to be persisted in the database and subsequently rendered without proper output encoding. The root cause stems from insufficient input validation or lack of context-aware output encoding when page content is retrieved and displayed to end users. The vulnerability exists in Raytha CMS versions before 1.4.6, indicating the flaw has been present across multiple minor version releases. This type of stored XSS is particularly dangerous because the malicious payload is persistent and affects all users who view the compromised page, unlike reflected XSS which requires a crafted link.

Affected Products

Raytha CMS versions prior to 1.4.6 are affected by this vulnerability. The specific affected version range has not been exhaustively documented in public disclosures, but the fix was confirmed to be released in version 1.4.6. Organizations using Raytha CMS should identify their current version through administrative panels or package manifests and compare against 1.4.6. The vendor advisory and patch details should be obtained directly from the official Raytha CMS security channels or GitHub repository release notes.

Remediation

Upgrade Raytha CMS to version 1.4.6 or later immediately, which includes the fix for this stored XSS vulnerability. The upgrade process should follow the vendor's documented migration and backup procedures to prevent data loss. For organizations unable to patch immediately, implement compensating controls by restricting page creation permissions to a minimal set of trusted administrators, implementing Content Security Policy (CSP) headers with script-src restrictions, and enabling security auditing on all content modifications to detect suspicious activity. Additionally, enforce regular security reviews of published pages and consider implementing an approval workflow for page creation and modification to add a human review layer before content becomes publicly visible.
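A defender-side audit check of the kind the compensating controls above call for (auditing content modifications and reviewing published pages), written as an added example that is not part of this advisory or of Raytha CMS. It assumes field values are stored as HTML strings under a Value key, which is a constructed representation, and it flags script-bearing markup for human review rather than acting as a sanitizer.

```python
"""Audit stored CMS field values for script-bearing HTML (added example)."""
from html.parser import HTMLParser

# Constructed, deliberately partial lists for this example: elements that load
# or run script, and attributes whose value is treated as a URL.
DANGEROUS_TAGS = {"script", "iframe", "object", "embed"}
URL_ATTRS = {"href", "src", "action", "formaction"}


class _Auditor(HTMLParser):
    """Collects findings while parsing one stored field value."""

    def __init__(self):
        super().__init__()
        self.findings = []

    def handle_starttag(self, tag, attrs):
        # html.parser lower-cases tag and attribute names for us.
        if tag in DANGEROUS_TAGS:
            self.findings.append(f"<{tag}> element")
        for name, value in attrs:
            if name.startswith("on"):
                self.findings.append(f"event handler attribute {name}")
            elif name in URL_ATTRS and value is not None:
                # Leading whitespace is ignored by browsers, so strip it first.
                if value.lstrip().lower().startswith("javascript:"):
                    self.findings.append(f"javascript: URL in {name}")


def audit_field_value(value):
    """Return the list of findings for one field value (empty if nothing found)."""
    auditor = _Auditor()
    auditor.feed(value)
    auditor.close()
    return auditor.findings


def audit_page(field_values):
    """Audit every FieldValues[i].Value of a page; returns {index: findings}."""
    report = {}
    for index, field in enumerate(field_values):
        findings = audit_field_value(field["Value"])
        if findings:
            report[index] = findings
    return report


# Constructed sample page records, not real Raytha data.
SAMPLE_PAGE = [
    {"Value": "<p>Welcome to our <b>site</b></p>"},
    {"Value": '<p onmouseover="x()">hover</p>'},
    {"Value": '<a href=" JavaScript:x()">link</a>'},
    {"Value": "<script>document.title = 'x'</script>"},
]
```

Run `audit_page(SAMPLE_PAGE)` from a content-modification hook or a scheduled review job and route any non-empty report to the approval workflow described above.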

Priority Score

26 (scale: Low / Medium / High / Critical)

Components:
- KEV: 0
- EPSS: +0.0
- CVSS: +26
- POC: 0
