Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
NA

CVE-2022-28598

Published: 22/08/2022 Updated: 06/04/2023
CVSS v3 Base Score: 6.1 | Impact Score: 2.7 | Exploitability Score: 2.8
VMScore: 0
Subscribe to Frappe

Vulnerability Summary

Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

frappe erpnext 12.29.0

Exploits

Exploit DB: ERPNext 12.29 Cross Site Scripting
ERPNext version 1229 suffers from a cross site scripting vulnerability ...

References

CWE-79https://github.com/patrickdeanramos/CVE-2022-28598/blob/main/ERPNext%20-%2012.29.0.pdfhttp://erpnext.comhttp://frappe.comhttp://packetstormsecurity.com/files/171730/ERPNext-12.29-Cross-Site-Scripting.htmlhttps://nvd.nist.govhttps://packetstormsecurity.com/files/171730/ERPNext-12.29-Cross-Site-Scripting.html
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-35000CVE-2024-4439unauthorizedCVE-2024-0042CVE-2024-31848CVE-2023-40694cache poisoningCVE-2024-23707firmware
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook