Опубликовано: 04 сент. 2025
Источник: github
Github: Не прошло ревью
CVSS4: 5.1
CVSS3: 5.4
Описание
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[sconfig][ethical_licensekey]' parameter in /apprain/admin/config/ethical.
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[sconfig][ethical_licensekey]' parameter in /apprain/admin/config/ethical.
Связанные уязвимости
CVSS3: 5.4
nvd
5 месяцев назад
A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[sconfig][ethical_licensekey]' parameter in /apprain/admin/config/ethical.