CVE-2025-41040 | appRain CMF 4.0.5 lipsum.xml cross site scripting

A vulnerability classified as problematic has been found in appRain CMF 4.0.5. Impacted is an unknown function of the file /apprain/developer/language/lipsum.xml. Performing manipulation of the argument data[code]/data[lang][0][key]/data[lang][0][value]/data[lang][1][key]/data[title] results in cross site scripting.

This vulnerability was named CVE-2025-41040. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More