Back to search
CVE-2025-69238
Published: Mar 16, 2026
Modified: Mar 16, 2026
PUBLISHED
Description
Raytha CMS is vulnerable to Cross-Site Request Forgery across multiple endpoints. Attacker can craft special website, which when visited by the authenticated victim, will automatically send POST request to the endpoint (e. x. deletion of the data) without enforcing token verification. This issue was fixed in version 1.4.6.
| Vendor | Product | Versions |
|---|---|---|
Raytha | Raytha | affected 0 - < 1.4.6 |
Weaknesses (CWE)
References
https://cert.pl/en/posts/2026/03/CVE-2025-69236
third-party-advisory
https://raytha.com
product
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now