exploitDog

GHSA-9r99-wj3h-r2mv

Опубликовано: 04 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 5.4

Описание

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Group][name]' parameter in /apprain/admin/managegroup/add/.

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Group][name]' parameter in /apprain/admin/managegroup/add/.

Ссылки

EPSS

Процентиль: 5%

0.0002

Низкий

5.1 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-41038

CVSS3: 5.4

nvd

5 месяцев назад

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[Group][name]' parameter in /apprain/admin/managegroup/add/.

EPSS

Процентиль: 5%

0.0002

Низкий

5.1 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79