CVE-2025-41044 | appRain CMF 4.0.5 create data[Page][name] cross site scripting

Inserito da Angelo Barbosa | Set 4, 2025 | CVE

A vulnerability was found in appRain CMF 4.0.5 and classified as problematic. Affected is an unknown function of the file /apprain/page/manage-static-pages/create. Such manipulation of the argument data[Page][name] leads to cross site scripting.

This vulnerability is listed as CVE-2025-41044. The attack may be performed from remote. There is no available exploit.

CVE-2025-41044 | appRain CMF 4.0.5 create data[Page][name] cross site scripting

Post correlati

CVE-2025-38179 | Linux Kernel up to 6.12.34/6.15.3/6.16-rc2 SMB Client smb_extract_folioq_to_rdma out-of-bounds

CVE-2025-24402 | Azure Service Fabric Plugin up to 1.6 on Jenkins cross-site request forgery

CVE-2025-7425 | libxslt Attribute Type key atype use after free

CVE-2024-21678 | Atlassian Confluence Data Center cross site scripting