
Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5

Description: A stored authenticated cross-site scripting (XSS) issue exists due to insufficient validation of user-supplied data. The vulnerability is triggered through the data[Admin][description], data[Admin][f name], and data[Admin][l name] parameters in the /apprain/admin/account/edit API endpoint.

Recommendations: Apply input validation and sanitization to the data[Admin][description], data[Admin][f name], and data[Admin][l name] parameters in the /apprain/admin/account/edit API…
PT-2025-35907

