A vulnerability was found in appRain CMF 4.0.5. It has been declared as problematic. Affected by this issue is some unknown functionality of the file /apprain/developer/addons/update/960grid. Executing manipulation of the argument data[Addon][layouts]/data[Addon][layouts_except] can lead to cross site scripting.
This vulnerability is registered as CVE-2025-41046. It is possible to launch the attack remotely. No exploit is available.
![CVE-2024-11730 | iqonicdesign KiviCare Plugin up to 3.6.4 on WordPress static_data_list sort[] sql injection](https://update.cybetower.swiss/wp-content/themes/Extra/images/post-format-thumb-text.svg)