CVE-2025-41041 | appRain CMF 4.0.5 default.xml cross site scripting

A vulnerability classified as problematic was found in appRain CMF 4.0.5. The affected element is an unknown function of the file /apprain/developer/language/default.xml. Executing manipulation of the argument data[code]/data[lang][0][key]/data[lang][0][value]/data[lang][1][key]/data[title] can lead to cross site scripting.

The identification of this vulnerability is CVE-2025-41041. The attack may be launched remotely. There is no exploit available.VulDB Recent EntriesRead More