XSS in Raytha

CVE-2025-69242

Raytha CMS is vulnerable to reflected XSS via the backToListUrl parameter. An attacker can craft a malicious URL which, when opened by authenticated victim, results in arbitrary JavaScript execution in the victim’s browser. This issue was…

Vulnerability class: XSS (Cross-Site Scripting)

EPSS: 0.000 (15.7th percentile) — read the EPSS interpretation.