CVE-2025-41052 | appRain CMF 4.0.5 canvasjs data[Addon][layouts]/data[Addon][layouts_except] cross site scripting

A vulnerability described as problematic has been identified in appRain CMF 4.0.5. The impacted element is an unknown function of the file /apprain/developer/addons/update/canvasjs. Executing manipulation of the argument data[Addon][layouts]/data[Addon][layouts_except] can lead to cross site scripting.

This vulnerability is handled as CVE-2025-41052. The attack can be executed remotely. There is not any exploit available.VulDB Recent EntriesRead More