appRain CMF cross-site scripting vulnerability (CNVD-2025-21130)
appRain CMF is a content management framework from appRain Canada. appRain CMF suffers from a cross-site scripting vulnerability that is caused by improper validation of user input in the /apprain/developer/language/lipsum.xml endpoint. An attacker could use this vulnerability to steal the victim...