CVE-2025-41051 | appRain CMF 4.0.5 bootstrap data[Addon][layouts]/data[Addon][layouts_except] cross site scripting

A vulnerability marked as problematic has been reported in appRain CMF 4.0.5. The affected element is an unknown function of the file /apprain/developer/addons/update/bootstrap. Performing manipulation of the argument data[Addon][layouts]/data[Addon][layouts_except] results in cross site scripting.

This vulnerability is known as CVE-2025-41051. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More