CVE-2025-41060 | appRain CMF 4.0.5 tree data[Addon][layouts]/data[Addon][layouts_except] cross site scripting

A vulnerability was found in appRain CMF 4.0.5. It has been classified as problematic. This vulnerability affects unknown code of the file /apprain/developer/addons/update/tree. The manipulation of the argument data[Addon][layouts]/data[Addon][layouts_except] leads to cross site scripting.

This vulnerability is listed as CVE-2025-41060. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More