CVE-2025-69243

Published: Mar 16, 2026 Last Modified: Mar 16, 2026
ExploitDB:
Other exploit source:
Google Dorks:
MEDIUM 6,9
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Confidentiality: N/A
Integrity: N/A
Availability: N/A
MEDIUM 5,3
Source: [email protected]
Attack Vector: network
Attack Complexity: low
Privileges Required: none
User Interaction: none
Scope: unchanged
Confidentiality: low
Integrity: none
Availability: none

Description

AI Translation Available

Raytha CMS is vulnerable to User Enumeration in password reset functionality. Difference in messages could allow an attacker to determine if the login is valid or not, enabling a brute force attack with valid logins.

This issue was fixed in version 1.5.0.

EPSS (Exploit Prediction Scoring System)

Trend Analysis

EPSS (Exploit Prediction Scoring System)

Prevede la probabilità di sfruttamento basata su intelligence sulle minacce e sulle caratteristiche della vulnerabilità.

EPSS Score
0,0004
Percentile
0,1th
Updated

Single Data Point

Only one EPSS measurement is available for this CVE. Trend analysis requires multiple data points over time.

204

Observable Response Discrepancy

Incomplete
Abstraction: Base Structure: Simple
Common Consequences
Security Scopes Affected:
Confidentiality Access Control
Potential Impacts:
Read Application Data Bypass Protection Mechanism
Applicable Platforms
All platforms may be affected
View CWE Details
Application

Raytha by Raytha

Product Information
Vendor Raytha
Product Raytha
Version Range Affected
To 1.5.0 (exclusive)
cpe:2.3:a:raytha:raytha:*:*:*:*:*:*:*:*
Common Platform Enumeration - Standardized vulnerability identification
https://cert.pl/en/posts/2026/03/CVE-2025-69236
https://cert.pl/en/posts/2026/03/CVE-2025-69236
https://raytha.com
https://raytha.com