CVE-2025-69245

MEDIUM SEVERITY

CVSS Score & Metrics

Base Score

6.1 / 10

Vector String

                                        CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N                                    

Vulnerability Description

Raytha CMS is vulnerable to Reflected XSS via returnUrl parameter in logon functionality. An attacker can craft a malicious URL which, when opened by the authenticated victim, results in arbitrary JavaScript execution in the victim’s browser.

This issue was fixed in 1.4.6.

Vulnerability Details

Published Date

March 16, 2026

Last Modified

March 16, 2026

CWE ID

CWE-79

Source

NVD

Vendor

Raytha

Product

Raytha

External References

https://cert.pl/en/posts/2026/03/CVE-2025-69236
https://raytha.com

CVE-2025-69245

CVSS Score & Metrics

Vulnerability Description

Vulnerability Details

External References

Discussion (0)

Add Comment