← Zuruck zu CVEs
CVE-2025-69245
MEDIUM6.1
Beschreibung
Raytha CMS is vulnerable to Reflected XSS via returnUrl parameter in logon functionality. An attacker can craft a malicious URL which, when opened by the authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue was fixed in 1.4.6.
CVE Details
CVSS v3.1 Bewertung6.1
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienNONE
BenutzerinteraktionREQUIRED
Veroffentlicht3/16/2026
Zuletzt geandert3/16/2026
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
raytha:raytha
Schwachen (CWE)
CWE-79
Referenzen
https://cert.pl/en/posts/2026/03/CVE-2025-69236(cvd@cert.pl)
https://raytha.com(cvd@cert.pl)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.