780 matches found
CVE-2019-20517
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the contact/ URI...
CVE-2019-20515
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the addresses/ URI...
CVE-2019-20519
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the user/ URI, as demonstrated by a crafted e-mail address...
CVE-2019-20517
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the contact/ URI...
CVE-2019-20519
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the user/ URI, as demonstrated by a crafted e-mail address...
CVE-2019-20514
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the address/ URI...
CVE-2019-20520
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the api/method/ URI...
CVE-2019-20516
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the blog/ URI...
CVE-2019-20518
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the project/ URI...
Design/Logic Flaw
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the user/ URI, as demonstrated by a crafted e-mail address...
Cross site scripting
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the api/method/ URI...
Cross site scripting
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the address/ URI...
Cross site scripting
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the api/ URI...
Cross site scripting
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the blog/ URI...
CVE-2019-20521
CVE-2019-20521 affects ERPNext 11.1.47, where a reflected XSS vulnerability can be triggered via PATH_INFO to the api/ URI. The connected documents confirm the existence of this reflected XSS issue and its target product/version, but do not provide concrete exploitation details, specific vulnerab...
CVE-2019-20521
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the api/ URI...
CVE-2019-20520
CVE-2019-20520 affects ERPNext 11.1.47 and is a reflected XSS vulnerability that can be triggered via the PATH_INFO to the api/method/ URI. Multiple connected feeds corroborate the same description. CVSS metrics: CVSSv3.1 base score 6.1 (NETWORK, LOW attack complexity, NONE privileges, UI REQUIRE...
CVE-2019-20519
Affected software: ERPNext 11.1.47. Vulnerability: reflected XSS via PATH_INFO to the user/ URI, demonstrated by a crafted e-mail address. Root cause (as stated): improper handling of PATH_INFO leading to script execution on the client side. Impact: client-side code execution risk; severity metri...
CVE-2019-20519
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the user/ URI, as demonstrated by a crafted e-mail address...
CVE-2019-20518
ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the project/ URI...