Severity by source
CVSS vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Primary rating from NVD; only source for this CVE.
Description (CVE.org)
Raytha CMS is vulnerable to Stored XSS via the FieldValues[0].Value parameter in the page creation functionality. An authenticated attacker with permissions to create content can inject arbitrary HTML and JS into the website, which will be rendered/executed when visiting the edited page.
This issue was fixed in version 1.4.6.
Analysis (AI)
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the page creation functionality, reachable through the FieldValues[0].Value parameter. It allows authenticated attackers with content creation permissions to inject HTML and JavaScript that executes in the browser of any user who visits the edited page. The vulnerability affects Raytha CMS versions prior to 1.4.6 and has a CVSS score of 5.1; the impact is limited because authentication and user interaction are required. While not currently listed in CISA's Known Exploited Vulnerabilities catalog, the low attack complexity and the availability of a vendor patch make this a moderate but manageable risk for deployed instances.
Technical Context (AI)
This vulnerability is an instance of Stored XSS (CWE-79: Improper Neutralization of Input During Web Page Generation) in a content management system. Raytha CMS fails to properly sanitize or encode user-supplied input in the FieldValues parameter during page creation operations, allowing arbitrary HTML and JavaScript to be persisted in the database and subsequently rendered without proper output encoding. The root cause stems from insufficient input validation or lack of context-aware output encoding when page content is retrieved and displayed to end users. The vulnerability exists in Raytha CMS versions before 1.4.6, indicating the flaw has been present across multiple minor version releases. This type of stored XSS is particularly dangerous because the malicious payload is persistent and affects all users who view the compromised page, unlike reflected XSS which requires a crafted link.
Remediation (AI)
Upgrade Raytha CMS to version 1.4.6 or later, which includes the fix for this stored XSS vulnerability, as soon as possible. The upgrade should follow the vendor's documented migration and backup procedures to prevent data loss. For organizations unable to patch immediately, apply compensating controls: restrict page creation permissions to a minimal set of trusted administrators, deploy Content Security Policy (CSP) headers with script-src restrictions, and enable security auditing on all content modifications so that suspicious changes are detected. Additionally, review published pages regularly and consider an approval workflow for page creation and modification, which adds a human review step before content becomes publicly visible.
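To illustrate the two controls above that an operator can reason about before patching, here is an added example (not Raytha's code; the record layout and the field name are hypothetical, and the stored values are constructed) that shows the vulnerable raw-interpolation pattern beside an HTML-body-encoded rendering, plus an audit pass that flags stored field values carrying active markup for review.

```python
import html
import re

# Constructed sample of what a CMS might have persisted for page field values
# (hypothetical record layout, not Raytha's data model). The second record
# holds the kind of content a stored XSS finding is about.
STORED_FIELD_VALUES = [
    {"page": "about", "field": "FieldValues[0].Value", "value": "Welcome to our site"},
    {"page": "news", "field": "FieldValues[0].Value",
     "value": "<script>alert(document.cookie)</script>"},
    {"page": "faq", "field": "FieldValues[0].Value", "value": 'Q&A: is "5 < 6"?'},
]


def render_unencoded(value: str) -> str:
    """Vulnerable pattern: stored text is interpolated into the HTML body as-is,
    so any tag in the value becomes live markup for every visitor."""
    return f'<div class="field">{value}</div>'


def render_encoded(value: str) -> str:
    """Fixed pattern: encode for the HTML-body context before interpolation.
    The browser displays the characters instead of parsing them as markup."""
    return f'<div class="field">{html.escape(value, quote=True)}</div>'


# Heuristic for markup that would be active in an HTML body: a tag start,
# an on*= event handler, or a javascript: URL. It supports the auditing
# control only; it is not a substitute for output encoding.
ACTIVE_MARKUP = re.compile(r"<\s*/?\s*[a-zA-Z!]|\bon[a-z]+\s*=|javascript:", re.IGNORECASE)


def audit_stored_values(records):
    """Compensating control: list (page, field) pairs whose stored value
    contains markup, so an administrator can review them before publication."""
    return [(r["page"], r["field"]) for r in records if ACTIVE_MARKUP.search(r["value"])]


if __name__ == "__main__":
    for rec in STORED_FIELD_VALUES:
        print("raw:    ", render_unencoded(rec["value"]))
        print("encoded:", render_encoded(rec["value"]))
    print("flagged for review:", audit_stored_values(STORED_FIELD_VALUES))
```

Values that legitimately contain `<` or `&`, like the FAQ entry, render correctly once encoded, which is why encoding at the output context rather than rejecting input is the durable fix.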
SQL injection in Raytha CMS 1.5.2 lets a remote, unauthenticated attacker inject arbitrary SQL through the OData filter
A code injection vulnerability in Raytha CMS's Functions module allows privileged users to execute arbitrary .NET operat
A host header injection vulnerability in Raytha CMS allows attackers to hijack password reset tokens by spoofing X-Forwa
Raytha CMS contains a user enumeration vulnerability in its password reset functionality where differing error messages
Raytha CMS lacks brute force protection mechanisms, allowing attackers to conduct unlimited automated login attempts wit
Raytha CMS contains a Cross-Site Request Forgery (CSRF) vulnerability across multiple endpoints that fails to enforce to
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the profile editing functionality, specifically
Raytha CMS contains a Reflected Cross-Site Scripting (XSS) vulnerability in the logon functionality's returnUrl paramete
Raytha CMS contains a reflected cross-site scripting (XSS) vulnerability in the backToListUrl parameter that allows unau
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the post editing functionality, specifically wi
Raytha CMS contains a Server-Side Request Forgery (SSRF) vulnerability in its Theme Import from URL feature that allows
Same weakness: CWE-79 – Cross-site Scripting (XSS)
EUVD-2025-208701