Severity by source
CVSS vector (NVD): CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
Raytha CMS is vulnerable to Cross-Site Request Forgery across multiple endpoints. An attacker can craft a special website which, when visited by an authenticated victim, automatically sends a POST request to the endpoint (e.g. deletion of data) without token verification being enforced.
This issue was fixed in version 1.4.6.
Analysis (AI)
Raytha CMS contains a Cross-Site Request Forgery (CSRF) vulnerability across multiple endpoints that fails to enforce token verification on POST requests. An authenticated user can be tricked into visiting a malicious website crafted by an attacker, which automatically submits unauthorized requests (such as data deletion) to the Raytha CMS application without requiring explicit user confirmation. This vulnerability affects Raytha CMS versions prior to 1.4.6 and has a CVSS score of 6.9 with medium real-world exploitability.
Technical Context (AI)
The vulnerability stems from insufficient CSRF protection within Raytha CMS and is classified under CWE-352 (Cross-Site Request Forgery). Modern web applications typically mitigate CSRF through synchronizer tokens (CSRF tokens) or SameSite cookie attributes, which verify that POST requests originate from legitimate in-application forms rather than from external sites. Raytha CMS fails to enforce token verification on sensitive endpoints, allowing an unauthenticated attacker to craft a request that rides on an authenticated victim's active session. The CVSS vector (CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N) indicates network accessibility with low attack complexity, no privileges required, user interaction required, and high integrity impact (data modification or deletion possible). The vulnerability affects the Raytha CMS product line prior to version 1.4.6 (CPE data would reference cpe:2.3:a:raytha:raytha_cms).
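The synchronizer-token check described above, as an added illustration that is not Raytha's code and is not taken from the fix in 1.4.6: a per-session token is rendered into legitimate forms and compared in constant time on every POST, and the session cookie is issued with SameSite=Strict as a second layer. The session store, request shape, endpoint path and function names are assumptions made for this example; the hidden-field name `__RequestVerificationToken` is the conventional ASP.NET Core antiforgery field name and is used only for familiarity.

```python
import hmac
import secrets

# Constructed example: minimal synchronizer-token CSRF protection.
# SESSION_STORE, create_session, issue_csrf_token, session_cookie_header and
# handle_post are names assumed for this illustration, not Raytha's own code.

SESSION_STORE = {}  # session_id -> {"user": ..., "csrf": ...}


def create_session(user):
    """Start an authenticated session and bind a fresh random CSRF token to it."""
    session_id = secrets.token_urlsafe(32)
    SESSION_STORE[session_id] = {"user": user, "csrf": secrets.token_urlsafe(32)}
    return session_id


def issue_csrf_token(session_id):
    """Token the application renders into every legitimate form as a hidden field.
    A cross-site page cannot read it because of the same-origin policy."""
    return SESSION_STORE[session_id]["csrf"]


def session_cookie_header(session_id):
    """Set-Cookie value: SameSite=Strict stops the browser attaching the session
    cookie to cross-site POSTs at all, independently of the token check."""
    return f"session={session_id}; Secure; HttpOnly; SameSite=Strict"


def handle_post(request):
    """Server-side handler. request = {"path": str, "cookies": dict, "form": dict}.
    Returns (status, body)."""
    session_id = request.get("cookies", {}).get("session")
    session = SESSION_STORE.get(session_id)
    if session is None:
        return 401, "not authenticated"
    submitted = request.get("form", {}).get("__RequestVerificationToken", "")
    expected = session["csrf"]
    # Reject before any state change; constant-time compare avoids leaking
    # token bytes through timing differences.
    if not submitted or not hmac.compare_digest(submitted, expected):
        return 403, "CSRF token missing or invalid"
    if request["path"] == "/admin/content/delete":  # assumed endpoint path
        return 200, f"deleted item {request['form']['id']} as {session['user']}"
    return 404, "unknown endpoint"


def demo():
    """Legitimate in-application form versus a cross-site form lacking the token."""
    sid = create_session("admin")
    legitimate = handle_post({
        "path": "/admin/content/delete",
        "cookies": {"session": sid},
        "form": {"id": "42", "__RequestVerificationToken": issue_csrf_token(sid)},
    })
    # A cross-site page can make the browser send the cookie (where SameSite
    # allows it) but cannot supply the token, so the request is refused.
    cross_site = handle_post({
        "path": "/admin/content/delete",
        "cookies": {"session": sid},
        "form": {"id": "42"},
    })
    return legitimate, cross_site


if __name__ == "__main__":
    print(demo())
```

The check must run before the handler touches any data, and the token must be bound to the session rather than a global value, otherwise a token obtained from the attacker's own account would validate against the victim's session.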
Remediation (AI)
Upgrade Raytha CMS to version 1.4.6 or later as soon as possible; that release includes the necessary CSRF token verification fixes and is the primary and most reliable remediation. As interim mitigation before patching, restrict administrative access to Raytha CMS via network-level controls (IP whitelisting, VPN requirements), enforce HTTPS with HSTS headers to prevent man-in-the-middle attacks that could facilitate CSRF, set the SameSite=Strict cookie attribute if it is configurable, and advise administrators to avoid visiting untrusted websites while authenticated to Raytha CMS. Verify the upgrade by confirming that version 1.4.6 or higher is running and by reviewing application logs for suspicious POST requests from unexpected origins.
SQL injection in Raytha CMS 1.5.2 lets a remote, unauthenticated attacker inject arbitrary SQL through the OData filter
A code injection vulnerability in Raytha CMS's Functions module allows privileged users to execute arbitrary .NET operat
A host header injection vulnerability in Raytha CMS allows attackers to hijack password reset tokens by spoofing X-Forwa
Raytha CMS contains a user enumeration vulnerability in its password reset functionality where differing error messages
Raytha CMS lacks brute force protection mechanisms, allowing attackers to conduct unlimited automated login attempts wit
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the profile editing functionality, specifically
Raytha CMS contains a Reflected Cross-Site Scripting (XSS) vulnerability in the logon functionality's returnUrl paramete
Raytha CMS contains a reflected cross-site scripting (XSS) vulnerability in the backToListUrl parameter that allows unau
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the page creation functionality through the Fie
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the post editing functionality, specifically wi
Raytha CMS contains a Server-Side Request Forgery (SSRF) vulnerability in its Theme Import from URL feature that allows
Same weakness: CWE-352 – Cross-Site Request Forgery (CSRF)
EUVD-2025-208703