CVE-2025-41054

CVE-2025-41054 affects appRain CMF 4.0.5. It’s a stored authenticated XSS in /apprain/developer/addons/update/cycle via data[Addon][layouts] and data[Addon][layouts_except]. Reported exploitation status is not provided; CVSS indicates NETWORK, LOW attack complexity, and user interaction is REQUIR...