Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
4.3
CVSSv2

CVE-2018-11339

Published: 22/05/2018 Updated: 26/06/2018
CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 435
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N
Subscribe to Erpnext

Vulnerability Summary

An XSS issue exists in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.

Vulnerable Product Search on Vulmon Subscribe to Product

frappe erpnext 11.x.x-develop_b1036e5

Exploits

Exploit DB: ERPnext 11 - Cross-Site Scripting
# Exploit Title: ERPnext 11xx - Cross-Site Scripting # Date: 2018-05-10 # Exploit Author: Veerababu Penugonda # Vendor Homepage: erpnextcom/ # Software Link: demoerpnextcom/ # Version: Frappe ERPNext v11xx-develop # Tested on: Mozilla Firefox quantum 601 , Ubuntu OS # CVE : CVE-2018-11339 # 1 Description: # demoer ...
Exploit DB: ERPnext 11.x.x Cross Site Scripting
ERPnext version 11xx suffers from a cross site scripting vulnerability ...

References

CWE-79https://github.com/frappe/frappe/issues/5546https://discuss.erpnext.com/t/stored-xss-in-erpnext-demo-website/36587https://www.exploit-db.com/exploits/44691/https://nvd.nist.govhttps://www.exploit-db.com/exploits/44691/
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-4040privilege escalationCVE-2024-4112CVE-2024-32872man-in-the-middleCVE-2024-32788bypassCVE-2024-3400CVE-2024-28976
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook