Back to search
CVE-2025-69242
Published: Mar 16, 2026
Modified: Mar 16, 2026
PUBLISHED
Description
Raytha CMS is vulnerable to reflected XSS via the backToListUrl parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue was fixed in version 1.4.6.
| Vendor | Product | Versions |
|---|---|---|
Raytha | Raytha | affected 0 - < 1.4.6 |
Weaknesses (CWE)
References
https://cert.pl/en/posts/2026/03/CVE-2025-69236
third-party-advisory
https://raytha.com
product
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now