CVE-2025-69240

Name of the Vulnerable Software and Affected Versions Raytha CMS versions prior to 1.4.6

Description Raytha CMS is susceptible to an issue where an attacker can manipulate X-Forwarded-Host or Host headers to point to a domain controlled by the attacker. Knowing a victim's email address, the attacker can trigger a password reset email containing a link that directs the victim to the attacker’s domain. When the victim clicks this link, their browser sends a request to the attacker’s domain, including a token in the path. This allows the attacker to capture the token and subsequently reset the victim's password, leading to account takeover. The vulnerable parameters are X-Forwarded-Host and Host.

Recommendations Update Raytha CMS to version 1.4.6 or later.