CVE-2025-41049 | appRain CMF 4.0.5 appform data[Addon][layouts]/data[Addon][layouts_except] cross site scripting

A vulnerability identified as problematic has been detected in appRain CMF 4.0.5. This issue affects some unknown processing of the file /apprain/developer/addons/update/appform. This manipulation of the argument data[Addon][layouts]/data[Addon][layouts_except] causes cross site scripting.

This vulnerability appears as CVE-2025-41049. The attack may be initiated remotely. There is no available exploit.VulDB Recent EntriesRead More