exploitDog

GHSA-rm69-j4mx-pv86

Опубликовано: 04 сент. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 5.4

Описание

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[FileManager][search]' parameter in /apprain/admin/filemanager.

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[FileManager][search]' parameter in /apprain/admin/filemanager.

Ссылки

EPSS

Процентиль: 5%

0.0002

Низкий

5.1 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79

Связанные уязвимости

CVE-2025-41037

CVSS3: 5.4

nvd

5 месяцев назад

A vulnerability has been discovered in appRain CMF version 4.0.5, consisting of a stored authenticated XSS due to a lack of proper validation of user input, through the 'data[FileManager][search]' parameter in /apprain/admin/filemanager.

EPSS

Процентиль: 5%

0.0002

Низкий

5.1 Medium

CVSS4

5.4 Medium

CVSS3

CVE ID

Дефекты

CWE-79