Design/Logic Flaw

2019-08-1218:15:00

PRIOn knowledge base

www.prio-n.com

6 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

32.7%

An issue was discovered in Frappe Framework 10, 11 before 11.1.46, and 12. There exists an XSS vulnerability.

CPENameOperatorVersion
frappeeq10.0.0
frappeeq12.0.0
frappege11.0.0
frappelt11.1.46

Name	Operator	Version
frappe	eq	10.0.0
frappe	eq	12.0.0
frappe	ge	11.0.0
frappe	lt	11.1.46

References

github.com/frappe/frappe/compare/v11.1.45...v11.1.46

github.com/frappe/frappe/pull/7981

github.com/frappe/frappe/releases/tag/v11.1.46