Name of the Vulnerable Software and Affected Versions: appRain CMF version 4.0.5 Description: A stored authenticated Cross-Site Scripting (XSS) issue exists due to insufficient validation of user-supplied data. The vulnerability is triggered through the data[AppReportCode][id] and data[AppReportCode][name] parameters in the /apprain/appreport/manage/ API endpoint. Recommendations: Apply input validation and sanitization to the data[AppReportCode][id] and data[AppReportCode][name] parameters in the /apprain/appreport/manage/ API…Read More