Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
frappe frappe vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2019-20518
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the project/ URI.
Frappe Erpnext 11.1.47
6.1
CVSSv3
CVE-2019-20519
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ URI, as demonstrated by a crafted e-mail address.
Frappe Erpnext 11.1.47
6.1
CVSSv3
CVE-2019-20520
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/method/ URI.
Frappe Erpnext 11.1.47
6.1
CVSSv3
CVE-2019-20521
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the api/ URI.
Frappe Erpnext 11.1.47
6.1
CVSSv3
CVE-2019-20515
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the addresses/ URI.
Frappe Erpnext 11.1.47
6.1
CVSSv3
CVE-2019-20517
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the contact/ URI.
Frappe Erpnext 11.1.47
6.1
CVSSv3
CVE-2019-20511
ERPNext 11.1.47 allows blog?blog_category= Frame Injection.
Frappe Erpnext 11.1.47
7.5
CVSSv3
CVE-2019-20529
In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a link is sufficient) instead of private files.
Frappe Frappe 11.0.0
Frappe Frappe 12.0.0
6.1
CVSSv3
CVE-2019-15700
public/js/frappe/form/footer/timeline.js in Frappe Framework 12 up to and including 12.0.8 does not escape HTML in the timeline and thus is affected by crafted "changed value of" text.
Frappe Frappe
9.8
CVSSv3
CVE-2019-14965
An issue exists in Frappe Framework 10 through 12 prior to 12.0.4. A server side template injection (SSTI) issue exists.
Frappe Frappe
1 Github repository
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
bypass
open redirect
CVE-2024-4358
CVE-2024-24199
CVE-2024-5550
CVE-2024-5305
CVE-2024-30373
CVE-2024-1800
deserialization
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »