CVE-2025-41054 | appRain CMF 4.0.5 cycle data[Addon][layouts]/data[Addon][layouts_except] cross site scripting

A vulnerability classified as problematic has been found in appRain CMF 4.0.5. This affects an unknown function of the file /apprain/developer/addons/update/cycle. The manipulation of the argument data[Addon][layouts]/data[Addon][layouts_except] leads to cross site scripting.

This vulnerability is uniquely identified as CVE-2025-41054. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More