Back to search
CVE-2025-69245
Published: Mar 16, 2026
Modified: Mar 16, 2026
PUBLISHED
Description
Raytha CMS is vulnerable to Reflected XSS via returnUrl parameter in logon functionality. An attacker can craft a malicious URL which, when opened by the authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue was fixed in 1.4.6.
| Vendor | Product | Versions |
|---|---|---|
Raytha | Raytha | affected 0 - < 1.4.6 |
Weaknesses (CWE)
References
https://cert.pl/en/posts/2026/03/CVE-2025-69236
third-party-advisory
https://raytha.com
product
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now