Security Advisory
CVE-2025-41038
CVE vulnerability detail — eXtreme Datacenter Security Operations
Description
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the data[Group][name] parameter in /apprain/admin/managegroup/add/.