Browse all 11 CVE security advisories affecting Raytha. AI-powered Chinese analysis, POCs, and references for each vulnerability.
Raytha serves as a headless CMS platform enabling content management through APIs, primarily used for building dynamic websites. Historically, it has been susceptible to multiple vulnerability classes, including remote code execution (RCE), cross-site scripting (XSS), and privilege escalation, with 11 CVEs documented to date. Notable security characteristics include its .NET-based architecture and frequent updates addressing authentication bypass flaws. While no major public incidents have been widely reported, the consistent pattern of vulnerabilities in input validation and access control mechanisms suggests ongoing security challenges requiring vigilant patch management and secure configuration practices.
| CVE ID | Title | Product | CWE | CVSS | Severity | Published |
|---|---|---|---|---|---|---|
| CVE-2025-69246 | Lack of bruteforce protection in Raytha CMS | Raytha | CWE-307 | 9.1 | - | 2026-03-16 |
| CVE-2025-69245 | Reflected XSS in Raytha CMS | Raytha | CWE-79 | 6.1 | - | 2026-03-16 |
| CVE-2025-69243 | User enumeration in Raytha CMS | Raytha | CWE-204 | 5.3 | - | 2026-03-16 |
| CVE-2025-69242 | Reflected XSS in Raytha CMS | Raytha | CWE-79 | 6.1 | - | 2026-03-16 |
| CVE-2025-69241 | Stored XSS in Raytha CMS | Raytha | CWE-79 | 5.4 | - | 2026-03-16 |
| CVE-2025-69240 | Header Poisoning in Raytha CMS | Raytha | CWE-348 | 8.8 | - | 2026-03-16 |
| CVE-2025-69239 | Server-Side Request Forgery in Raytha CMS | Raytha | CWE-918 | 3.8 | - | 2026-03-16 |
| CVE-2025-69238 | Cross-Site Request Forgery in Raytha CMS | Raytha | CWE-352 | 6.5 | - | 2026-03-16 |
| CVE-2025-69237 | Stored XSS in Raytha CMS | Raytha | CWE-79 | 5.4 | - | 2026-03-16 |
| CVE-2025-69236 | Stored XSS in Raytha CMS | Raytha | CWE-79 | 5.4 | - | 2026-03-16 |
| CVE-2025-15540 | Authenticated RCE in Raytha CMS | Raytha | CWE-94 | 7.2 (AI) | High (AI) | 2026-03-16 |
This page lists every published CVE security advisory associated with Raytha. Each entry links to a detailed page with CVSS scoring, CWE classification, affected products and references. AI-generated Chinese analysis is provided for fast triage.