EUVD-2026-38799

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

CVE-2026-50703

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Desk desktop icon renderer...

CVE-2026-50703

Summary : CVE-2026-50703 affects Frappe Framework 17.0.0-dev, with a stored XSS vulnerability in the Desk desktop icon renderer caused by improper neutralization of user-controlled input. This could allow an attacker to inject malicious content into the icon label, potentially affecting users who...