CVE-2025-69240: Raytha CMS allows an attacker to spoof `X-Forwarded-Host` or `Host` headers to attacker-controlled domain. The attacker
Summary
Raytha CMS builds the absolute URL placed in password reset emails from the incoming request's `Host` or `X-Forwarded-Host` header (the headers that tell the server which domain name the client used to reach it) rather than from a configured site address. An attacker who submits a password reset request for a victim's account with either header set to an attacker-controlled domain causes the server to email the victim a genuine reset token embedded in a link that points at the attacker's domain. When the victim clicks the link, the browser delivers the token to the attacker's server; the attacker then presents that token to the real site, sets a new password, and takes over the account. This pattern is commonly called password reset poisoning, a form of Host header injection. Deployments behind a reverse proxy are exposed in the same way if the proxy forwards a client-supplied `X-Forwarded-Host` value unchanged, since applications normally prefer that header over `Host` when it is present.
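The following is an added example, not Raytha's code, illustrating the weakness described above in a generic form: a reset-link builder that trusts the request's `X-Forwarded-Host`/`Host` headers, beside a hardened builder that checks the request host against an allowlist and always emits links for a configured canonical base URL. The host names, the allowlist, the request dictionaries and the token value are all constructed for the example.

```python
"""Password reset poisoning via Host / X-Forwarded-Host (added example).

Models the class of bug described in the advisory, not Raytha's actual
implementation. ALLOWED_HOSTS, CANONICAL_BASE, the sample requests and the
token are assumptions made for this example.
"""
from urllib.parse import urlencode, urlsplit

# Assumed deployment configuration: the only host names this site is served on.
ALLOWED_HOSTS = {"cms.example.org"}
# Assumed canonical origin used for every link the application emails out.
CANONICAL_BASE = "https://cms.example.org"


def request_host(headers: dict) -> str:
    """Pick the host the way a header-trusting application does.

    X-Forwarded-Host wins over Host (the usual reverse-proxy convention), so
    a client that can set that header, or that reaches the app directly with
    an arbitrary Host, chooses the value.
    """
    forwarded = headers.get("X-Forwarded-Host", "")
    # A proxy chain may append several values; the first is the client-facing one.
    return (forwarded.split(",")[0] or headers.get("Host", "")).strip()


def reset_link_vulnerable(headers: dict, token: str) -> str:
    """Vulnerable builder: the link's origin comes straight from the request."""
    scheme = headers.get("X-Forwarded-Proto", "https")
    query = urlencode({"token": token})
    return f"{scheme}://{request_host(headers)}/reset-password?{query}"


def reset_link_hardened(headers: dict, token: str) -> str:
    """Hardened builder: validate the request host, then ignore it anyway.

    The allowlist check rejects requests whose Host/X-Forwarded-Host does not
    match a known site host (so such requests can be logged and dropped), and
    the emitted link uses the configured canonical base, never header input.
    """
    # urlsplit handles ports, IPv6 literals and userinfo tricks for us.
    hostname = urlsplit(f"//{request_host(headers)}").hostname
    if hostname is None or hostname not in ALLOWED_HOSTS:
        raise ValueError(f"untrusted request host: {request_host(headers)!r}")
    return f"{CANONICAL_BASE}/reset-password?{urlencode({'token': token})}"


def link_host(link: str) -> str:
    """Host name that a mailed link would send the token to."""
    return urlsplit(link).hostname


def hardened_rejects(headers: dict) -> bool:
    """True if the hardened builder refuses to issue a link for this request."""
    try:
        reset_link_hardened(headers, "probe")
        return False
    except ValueError:
        return True


# Constructed sample requests (not captured traffic).
LEGIT_REQUEST = {"Host": "cms.example.org"}
SPOOFED_XFH_REQUEST = {"Host": "cms.example.org",
                       "X-Forwarded-Host": "attacker.example"}
SPOOFED_HOST_REQUEST = {"Host": "attacker.example"}
TOKEN = "dummytoken123"  # constructed placeholder, not a real reset token


def demo() -> dict:
    """Summarise where the reset token would be delivered in each case."""
    return {
        "vulnerable/legit": link_host(reset_link_vulnerable(LEGIT_REQUEST, TOKEN)),
        "vulnerable/xfh": link_host(reset_link_vulnerable(SPOOFED_XFH_REQUEST, TOKEN)),
        "vulnerable/host": link_host(reset_link_vulnerable(SPOOFED_HOST_REQUEST, TOKEN)),
        "hardened/legit": link_host(reset_link_hardened(LEGIT_REQUEST, TOKEN)),
        "hardened/xfh_rejected": hardened_rejects(SPOOFED_XFH_REQUEST),
        "hardened/host_rejected": hardened_rejects(SPOOFED_HOST_REQUEST),
    }


if __name__ == "__main__":
    for case, outcome in demo().items():
        print(f"{case:24} -> {outcome}")
```

The point of the hardened version is that the allowlist check alone is not the fix: even a correctly validated host should not be what the emailed link is built from, because the validation and the link construction can drift apart. Deriving all outbound absolute URLs from a single configured origin removes the header from the trust path entirely. Raytha is built on ASP.NET Core, where the corresponding controls are the `AllowedHosts` setting (host filtering) and the forwarded-headers middleware's `KnownProxies`/`KnownNetworks`, which only honour `X-Forwarded-*` values from trusted proxy addresses; whether version 1.4.6 uses those or a configured base URL is not stated on this page.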
Solution / Mitigation
This issue was fixed in version 1.4.6; upgrade to that version or later. Until then, a reverse proxy in front of the CMS should overwrite or strip any client-supplied `X-Forwarded-Host` header and reject requests whose `Host` does not match the site's configured host names, since both headers are accepted by the vulnerable versions.
Vulnerability Details
EPSS (30-day exploit probability)
EPSS: 0.0%
Disclosure Date
March 16, 2026
Classification
Attack Sophistication: Moderate
Taxonomy References
CWE (Weakness Type)
Original source: https://nvd.nist.gov/vuln/detail/CVE-2025-69240
First tracked: March 16, 2026 at 12:07 PM