CVE-2025-69243

Source
https://cve.org/CVERecord?id=CVE-2025-69243
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69243.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-69243
Published
2026-03-16T11:54:32.682Z
Modified
2026-07-08T07:32:16.028837047Z
Severity
  • 6.9 (Medium) CVSS_V4 - CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N CVSS Calculator
Summary
User enumeration in Raytha CMS
Details

Raytha CMS is vulnerable to User Enumeration in password reset functionality. Difference in messages could allow an attacker to determine if the login is valid or not, enabling a brute force attack with valid logins.

This issue was fixed in version 1.5.0.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/69xxx/CVE-2025-69243.json",
    "cwe_ids": [
        "CWE-204"
    ],
    "cna_assigner": "CERT-PL"
}
References

Affected packages

Git / github.com/raythahq/raytha

Affected ranges

Type
GIT
Repo
https://github.com/raythahq/raytha
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
Database specific
{
    "cpe": "cpe:2.3:a:raytha:raytha:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.5.0"
        }
    ],
    "source": [
        "AFFECTED_FIELD",
        "CPE_RANGE"
    ]
}

Affected versions

v0.*
v0.9.0
v0.9.1
v0.9.2
v0.9.3
v0.9.4
v1.*
v1.0.0
v1.0.1
v1.0.2
v1.0.3
v1.0.4
v1.0.5
v1.0.6
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.2.0
v1.3.0
v1.3.1
v1.3.2
v1.3.3
v1.4.1
v1.4.2
v1.4.3
v1.4.4
v1.4.5
v1.4.6

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-69243.json"