CVE-2025-41061 | appRain CMF 4.0.5 uploadify data[Addon][layouts]/data[Addon][layouts_except] cross site scripting

A vulnerability was found in appRain CMF 4.0.5. It has been declared as problematic. This issue affects some unknown processing of the file /apprain/developer/addons/update/uploadify. The manipulation of the argument data[Addon][layouts]/data[Addon][layouts_except] results in cross site scripting.

This vulnerability is cataloged as CVE-2025-41061. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More