XSS in Raytha
CVE-2025-69241
Raytha CMS is vulnerable to Stored XSS via the FirstName and LastName parameters in the profile editing functionality. An authenticated attacker can inject arbitrary HTML and JS into the website, which will be rendered/executed when visiting the edited page…
Vulnerability class: XSS (Cross-Site Scripting)
EPSS: 0.000 (12.0th percentile)
Affected products
- Raytha — versions 0
Weakness classification (CWE)
References
- cert.pl/en/posts/2026/03/CVE-2025-69236 (third-party-advisory)
- raytha.com (product)