Severity by source
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
Primary rating from NVD · only source for this CVE.
Description (CVE.org)
Raytha CMS is vulnerable to Stored XSS via the FirstName and LastName parameters in the profile editing functionality. An authenticated attacker can inject arbitrary HTML and JS into the website, which will be rendered/executed when visiting the edited page.
This issue was fixed in version 1.4.6.
Analysis (AI)
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the profile editing functionality, specifically within the FirstName and LastName parameters. An authenticated attacker can inject arbitrary HTML and JavaScript code that persists in the application and executes in the browsers of users viewing the compromised profile, potentially leading to session hijacking, credential theft, or defacement. This vulnerability has been remediated in version 1.4.6.
Technical Context (AI)
This vulnerability is a classic Stored XSS flaw (CWE-79) resulting from inadequate input validation and output encoding in Raytha CMS's user profile management module. The FirstName and LastName fields accept and store unsanitized user input without proper HTML entity encoding or Content Security Policy restrictions. When these fields are subsequently rendered in the application interface, the injected JavaScript executes in the context of other users' browsers with the same privilege level as the authenticated session. The vulnerability affects Raytha CMS (identified via CPE pattern cpe:2.3:a:raytha:raytha_cms) versions prior to 1.4.6, impacting the profile editing functionality accessible to authenticated users.
Remediation (AI)
Upgrade Raytha CMS to version 1.4.6 or later immediately to apply the upstream security patch. For deployments unable to patch immediately, implement input validation on the FirstName and LastName fields to reject or sanitize any HTML special characters (such as <, >, ", and &) and enforce output encoding when rendering these fields in HTML context using a templating engine with automatic escaping. Additionally, implement a Content Security Policy (CSP) header with script-src restrictions to mitigate the impact of any injected scripts. Review access controls to ensure that only necessary authenticated users can modify profile information, and audit logs for any suspicious profile modifications made during the window of exposure.
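The interim mitigations described above, sketched as an added example in Python; this is not Raytha CMS code, which does not appear on this page. The length limit, CSS class, CSP value, row layout and sample rows are assumptions constructed for illustration.

```python
import html

# Characters the remediation text says to reject in FirstName / LastName.
FORBIDDEN = set('<>"&')
MAX_LEN = 64  # assumed limit, not taken from Raytha CMS


def validate_name(value):
    """Input validation: return the trimmed name or raise ValueError."""
    value = value.strip()
    if not value or len(value) > MAX_LEN:
        raise ValueError("name must be 1-%d characters" % MAX_LEN)
    bad = FORBIDDEN & set(value)
    if bad:
        raise ValueError("forbidden characters: " + "".join(sorted(bad)))
    return value


def render_full_name(first, last):
    """Output encoding at render time. This also neutralises values that
    were stored before validation existed, which validation alone cannot."""
    return '<span class="user-name">{} {}</span>'.format(
        html.escape(first, quote=True), html.escape(last, quote=True))


# Defence in depth: without 'unsafe-inline', script-src 'self' stops inline
# <script> blocks and inline event handlers from running.
CSP_HEADER = ("Content-Security-Policy",
              "default-src 'self'; script-src 'self'; "
              "object-src 'none'; base-uri 'self'")


def audit_profiles(rows):
    """Return ids of stored profiles whose name fields hold markup characters."""
    return [r["id"] for r in rows
            if FORBIDDEN & set(r["first_name"] + r["last_name"])]


# Constructed sample rows standing in for an export of the users table.
SAMPLE_ROWS = [
    {"id": 1, "first_name": "Ada", "last_name": "Lovelace"},
    {"id": 2, "first_name": "<b>Mallory</b>", "last_name": "O'Brien"},
    {"id": 3, "first_name": "Seán", "last_name": "O'Brien"},
]

if __name__ == "__main__":
    print(audit_profiles(SAMPLE_ROWS))
    print(render_full_name("<b>Mallory</b>", "O'Brien"))
```

Running the audit over existing rows matters because validation added after the fact does nothing for values already stored; encoding at render time covers those until they are cleaned up.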
SQL injection in Raytha CMS 1.5.2 lets a remote, unauthenticated attacker inject arbitrary SQL through the OData filter
A code injection vulnerability in Raytha CMS's Functions module allows privileged users to execute arbitrary .NET operat
A host header injection vulnerability in Raytha CMS allows attackers to hijack password reset tokens by spoofing X-Forwa
Raytha CMS contains a user enumeration vulnerability in its password reset functionality where differing error messages
Raytha CMS lacks brute force protection mechanisms, allowing attackers to conduct unlimited automated login attempts wit
Raytha CMS contains a Cross-Site Request Forgery (CSRF) vulnerability across multiple endpoints that fails to enforce to
Raytha CMS contains a Reflected Cross-Site Scripting (XSS) vulnerability in the logon functionality's returnUrl paramete
Raytha CMS contains a reflected cross-site scripting (XSS) vulnerability in the backToListUrl parameter that allows unau
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the page creation functionality through the Fie
Raytha CMS contains a Stored Cross-Site Scripting (XSS) vulnerability in the post editing functionality, specifically wi
Raytha CMS contains a Server-Side Request Forgery (SSRF) vulnerability in its Theme Import from URL feature that allows
Same weakness CWE-79 – Cross-site Scripting (XSS)
EUVD-2025-208709