2 matches found
CVE-2024-24812 Frappe Authenticated Reflected Cross site scripting (XSS) in portal pages
Frappe is a full-stack web application framework that uses Python and MariaDB on the server side and a tightly integrated client side library. Prior to versions 14.59.0 and 15.5.0, portal pages are susceptible to Cross-Site Scripting XSS which can be used to inject malicious JS code if user click...
CVE-2024-24812
CVE-2024-24812 affects the Frappe framework. The vulnerability is a portal-page Cross-Site Scripting (XSS) issue that could allow injection of malicious JavaScript when a user clicks a crafted link. Public sources confirm the issue is in Frappe versions prior to 14.59.0 and 15.5.0 and that it has...