{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-69236", "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "state": "PUBLISHED", "assignerShortName": "CERT-PL", "dateReserved": "2025-12-30T08:44:21.410Z", "datePublished": "2026-03-16T11:52:54.021Z", "dateUpdated": "2026-03-16T13:49:57.302Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Raytha", "repo": "https://github.com/raythahq/raytha", "vendor": "Raytha", "versions": [{"lessThan": "1.4.6", "status": "affected", "version": "0", "versionType": "semver"}]}], "credits": [{"lang": "en", "type": "finder", "value": "Daniel Basta"}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing functionality. Authenticated attacker&nbsp;with permissions to edit posts can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page.<br><br>This issue was fixed in version <span style=\"background-color: rgb(255, 255, 255);\">1.4.6</span>."}], "value": "Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing functionality. Authenticated attacker\u00a0with permissions to edit posts can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page.\n\nThis issue was fixed in version 1.4.6."}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL", "dateUpdated": "2026-03-16T11:52:54.021Z"}, "references": [{"tags": ["third-party-advisory"], "url": "https://cert.pl/en/posts/2026/03/CVE-2025-69236"}, {"tags": ["product"], "url": "https://raytha.com"}], "source": {"discovery": "EXTERNAL"}, "tags": ["x_open-source"], "title": "Stored XSS in Raytha CMS", "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-69236", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T13:38:47.028631Z"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T13:49:57.302Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-69236", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2026-03-16T13:38:47.028631Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2026-03-16T13:44:08.924Z"}}], "cna": {"tags": ["x_open-source"], "title": "Stored XSS in Raytha CMS", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Daniel Basta"}], "impacts": [{"capecId": "CAPEC-592", "descriptions": [{"lang": "en", "value": "CAPEC-592 Stored XSS"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "NOT_DEFINED", "baseScore": 5.1, "Automatable": "NOT_DEFINED", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N", "providerUrgency": "NOT_DEFINED", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"repo": "https://github.com/raythahq/raytha", "vendor": "Raytha", "product": "Raytha", "versions": [{"status": "affected", "version": "0", "lessThan": "1.4.6", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://cert.pl/en/posts/2026/03/CVE-2025-69236", "tags": ["third-party-advisory"]}, {"url": "https://raytha.com", "tags": ["product"]}], "x_generator": {"engine": "Vulnogram 0.2.0"}, "descriptions": [{"lang": "en", "value": "Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing functionality. Authenticated attacker\u00a0with permissions to edit posts can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page.\n\nThis issue was fixed in version 1.4.6.", "supportingMedia": [{"type": "text/html", "value": "Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing functionality. Authenticated attacker&nbsp;with permissions to edit posts can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page.<br><br>This issue was fixed in version <span style=\"background-color: rgb(255, 255, 255);\">1.4.6</span>.", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-79", "description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')"}]}], "providerMetadata": {"orgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "shortName": "CERT-PL", "dateUpdated": "2026-03-16T11:52:54.021Z"}}}, "cveMetadata": {"cveId": "CVE-2025-69236", "state": "PUBLISHED", "dateUpdated": "2026-03-16T13:49:57.302Z", "dateReserved": "2025-12-30T08:44:21.410Z", "assignerOrgId": "4bb8329e-dd38-46c1-aafb-9bf32bcb93c6", "datePublished": "2026-03-16T11:52:54.021Z", "assignerShortName": "CERT-PL"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:raytha:raytha:*:*:*:*:*:*:*:*", "matchCriteriaId": "4A4FC7D6-F33F-4121-A375-B063263585FD", "versionEndExcluding": "1.4.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Raytha CMS is vulnerable to Stored XSS via FieldValues[1].Value parameter in post editing functionality. Authenticated attacker\u00a0with permissions to edit posts can inject arbitrary HTML and JS into website, which will be rendered/executed when visiting edited page.\n\nThis issue was fixed in version 1.4.6."}], "id": "CVE-2025-69236", "lastModified": "2026-03-16T19:32:09.697", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.3, "impactScore": 2.7, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.1, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "NONE", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "cvd@cert.pl", "type": "Secondary"}]}, "published": "2026-03-16T14:18:00.450", "references": [{"source": "cvd@cert.pl", "tags": ["Third Party Advisory"], "url": "https://cert.pl/en/posts/2026/03/CVE-2025-69236"}, {"source": "cvd@cert.pl", "tags": ["Product"], "url": "https://raytha.com"}], "sourceIdentifier": "cvd@cert.pl", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-79"}], "source": "cvd@cert.pl", "type": "Primary"}]}

{}

{"affected": [{"configurations": [{"platform": null, "status": "affected", "versions": {"scheme": "semver", "value": "[0,1.4.6)"}}], "enrichment": {"confidence": 95.0, "confidence_source": "inferred", "scores": [{"score": 95.0, "source": "inferred"}, {"score": 100.0, "source": "matching"}]}, "original": {"product": "Raytha", "source": "cna", "vendor": "Raytha"}, "product": "raytha", "vendor": "raytha"}], "analysis": {"en": {"generated_at": "2026-03-17T14:52:10.053067+00:00", "value": {"mitigation_remediation": ["Apply the patch to Raytha CMS version 1.4.6 or later."], "summary": {"action": "Immediate Patch", "impact": "Stored Cross\u2011Site Scripting"}, "threat_synthesis": {"affected_systems": "Raytha CMS is affected in all releases prior to version 1.4.6. The fix was incorporated in release 1.4.6. All instances of Raytha deployed before that version should be considered vulnerable.", "description_and_impact": "The vulnerability in Raytha CMS allows an attacker with the ability to edit posts to store malicious code in the FieldValues[1].Value parameter. When a post is saved, the injected HTML and JavaScript is stored and rendered on the public page, executing any code present in the visitor\u2019s browser. This stored cross\u2011site scripting flaw can be used to compromise the integrity of the website, deface content, or conduct phishing attacks against site visitors. The weakness is identified as CWE\u201179 stored cross\u2011site scripting.", "risk_and_exploitability": "The CVSS base score is 5.1, indicating a medium severity. The EPSS score is less than 1\u202f%, and the vulnerability is not listed in the CISA KEV catalog. Exploitation requires authenticated access to the post\u2011editing interface; an attacker must have sufficient permissions to edit content. Because the payload is stored server\u2011side and executed in user browsers, the attack path relies on authenticated control of post content and the visitor\u2019s interaction with the compromised page."}}}}, "created": "2026-03-24T10:44:51.633200+00:00", "updated": "2026-03-30T07:02:41.765727+00:00", "vendors": ["raytha", "raytha$PRODUCT$raytha"]}