Security Advisory

CVE-2025-41036

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-04 11:09:16
Last updated 2025-09-04 13:52:09
Assigner INCIBE
State PUBLISHED

Description

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the  data[Admin][description], data[Admin][f_name] and data[Admin][l_name] parameters in /apprain/admin/account/edit.