Security Advisory

CVE-2025-41042

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-04 11:10:57

Last updated 2025-09-04 20:11:32

Assigner INCIBE

State PUBLISHED

Description

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the data[Option][message], data[Option][subject] and data[Option][templatetype] parameters in /apprain/information/manage/emailtemplate/add.

← Browse all CVEs View on cve.org ↗