appRain CMF cross-site scripting vulnerability (CNVD-2025-20911)

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user-supplied input on the /apvain/admin/config/opts endpoint. The vulnerability can be exploited by an attacker to steal a victim's cookie-based authentication...

appRain CMF 跨站脚本漏洞

appRain CMF is a content management framework. A cross-site scripting vulnerability exists in appRain CMF due to improper validation of user-supplied input on the /apvain/admin/config/opts endpoint. The vulnerability can be exploited by an attacker to steal a victim's cookie-based authentication...