Raytha CMS Header Spoofing Vulnerability Leading to Account Takeover

Vulnerability

A vulnerability in Raytha CMS prior to version 1.4.6 allows an attacker to spoof the 'X-Forwarded-Host' or 'Host' request headers, setting them to an attacker-controlled domain. Knowing only the victim's email address, the attacker can cause the server to send the victim a password reset email whose link points to the spoofed domain. When the victim clicks the link, their browser sends a request to the attacker's domain with the reset token in the path, so the attacker captures the token. The token can then be used to reset the victim's password and take over their account.
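The following is an added illustration, not Raytha's code: a reset-link builder that trusts 'X-Forwarded-Host'/'Host' in the way the advisory describes, beside a hardened builder that validates the host and always derives the link's origin from configuration. The host names, the reset route and the token are constructed placeholders.

```python
from typing import Optional
from urllib.parse import urlsplit

# Constructed sample headers, as a reverse proxy might forward them to the app.
# The attacker-controlled value uses a reserved example name, not a real host.
NORMAL_HEADERS = {"Host": "cms.example.org"}
SPOOFED_HEADERS = {"Host": "cms.example.org", "X-Forwarded-Host": "evil.invalid"}

# Assumed deployment settings: the single origin the site is served from.
CANONICAL_ORIGIN = "https://cms.example.org"
ALLOWED_HOSTS = {"cms.example.org"}
RESET_PATH = "/reset-password/"  # assumed route; the real route is not on the page


def vulnerable_reset_link(headers: dict, token: str) -> str:
    """Pre-1.4.6 style pattern: the emailed link is built from request headers,
    so whoever controls X-Forwarded-Host (or Host) controls where the victim's
    browser sends the token."""
    host = headers.get("X-Forwarded-Host") or headers["Host"]
    return f"https://{host}{RESET_PATH}{token}"


def host_allowed(headers: dict) -> bool:
    """Reject requests whose Host or X-Forwarded-Host is not a known site host.
    Ports are stripped before comparison; an absent X-Forwarded-Host is fine."""
    for name in ("Host", "X-Forwarded-Host"):
        value = headers.get(name)
        if value is None:
            continue
        hostname = urlsplit(f"//{value}").hostname  # lowercases, drops port
        if hostname not in ALLOWED_HOSTS:
            return False
    return True


def hardened_reset_link(headers: dict, token: str) -> Optional[str]:
    """Fixed pattern: refuse unexpected hosts, and never derive the link's
    origin from the request; use the configured canonical origin instead."""
    if not host_allowed(headers):
        return None
    return f"{CANONICAL_ORIGIN}{RESET_PATH}{token}"


if __name__ == "__main__":
    token = "CONSTRUCTED-TOKEN"
    print("vulnerable, spoofed:", vulnerable_reset_link(SPOOFED_HEADERS, token))
    print("hardened, spoofed  :", hardened_reset_link(SPOOFED_HEADERS, token))
    print("hardened, normal   :", hardened_reset_link(NORMAL_HEADERS, token))
```

The allowlist check is defence in depth; the essential fix is that the hardened builder never reads the request to decide the link's origin.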

Impact

Exploitation of this vulnerability allows unauthorized password resets, leading to account takeover.

Remediation

Upgrade to Raytha CMS version 1.4.6 or later to address this vulnerability.

Added: Mar 16, 2026, 2:39 PM
Updated: Mar 16, 2026, 2:39 PM

Vulnerability Rating

Custom Algorithm

spread          0.0
impact          3.1
exploitability  5.8
remediation     0.0
relevance       4.0
threat          0.0
urgency         2.9
incentive       0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.