CVE-2025-41042 | appRain CMF 4.0.5 add cross site scripting

A vulnerability, which was classified as problematic, has been found in appRain CMF 4.0.5. The impacted element is an unknown function of the file /apprain/information/manage/emailtemplate/add. The manipulation of the argument data[Option][message]/data[Option][subject]/data[Option][templatetype] leads to cross site scripting.

This vulnerability is referenced as CVE-2025-41042. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More