logo
DATABASE RESOURCES PRICING ABOUT US

CVE-2019-15700

Description

public/js/frappe/form/footer/timeline.js in Frappe Framework 12 through 12.0.8 does not escape HTML in the timeline and thus is affected by crafted "changed value of" text.


Affected Software


CPE Name Name Version
frappe:frappe frappe 12.0.8