7 matches found
CGA-RM6G-2FQ2-C9WX
Bulletin has no description...
MINI-MQG5-8M23-P4F5
Bulletin has no description...
EUVD-2025-132225
Malicious code in teate-thy-sonic-rugfez npm...
CVE-2025-41043
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAppReportCodeid' and 'dataAppReportCodename' parameters in /apprain/appreport/manage/...
Cross-site Scripting (XSS)
Overview Affected versions of this package are vulnerable to Cross-site Scripting XSS via improper validation of user input in the dataAppReportCodeid and dataAppReportCodename parameters within the /apprain/appreport/manage/ process. An attacker can execute arbitrary scripts in the context of a...
CVE-2025-41043 Stored Cross-Site Scripting vulnerability in appRain CMF
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'dataAppReportCodeid' and 'dataAppReportCodename' parameters in /apprain/appreport/manage/...
PT-2025-35914
Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5 Description: A stored authenticated Cross-Site Scripting XSS issue exists due to insufficient validation of user-supplied data. The vulnerability is triggered through the dataAppReportCodeid and dataAppReportCodename...