Lucene search
+L

10 matches found

euvd
euvd
added 2026/06/24 6:32 p.m.6 views

EUVD-2026-38806

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component...

4.6CVSS5.9AI score0.00256EPSS
Exploits0References3
euvd
euvd
added 2026/06/24 6:32 p.m.9 views

EUVD-2026-38807

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Number Card component...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References3
nvd
nvd
added 2026/06/24 4:16 p.m.9 views

CVE-2026-50711

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the Number Card component...

4.6CVSS0.00256EPSS
Exploits0References2
nvd
nvd
added 2026/06/24 4:16 p.m.9 views

CVE-2026-50710

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component...

4.6CVSS0.00256EPSS
Exploits0References2
cve
cve
added 2026/06/24 3:18 p.m.14 views

CVE-2026-50711

CVE-2026-50711 affects Frappe Framework (17.0.0-dev). A Stored XSS exists in the Number Card component due to improper neutralization of user-controlled input. The connected documents confirm the vulnerability but do not specify exploit details, affected versions beyond 17.0.0-dev, or remediation...

4.6CVSS5.8AI score0.00256EPSS
Exploits0References2
attackerkb
attackerkb
added 2026/06/24 3:8 p.m.6 views

CVE-2026-50710

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component...

4.6CVSS5.9AI score0.00256EPSS
Exploits0References3
cve
cve
added 2026/06/24 3:8 p.m.10 views

CVE-2026-50710

CVE-2026-50710 affects Frappe Framework 17.0.0-dev with a Stored XSS in the Number Card filters_config due to unsafe evaluation of user-controlled data. The root cause is evaluating user-provided data in the Number Card component, enabling script injection. Public references are to Fluid Attacks ...

4.6CVSS5.9AI score0.00256EPSS
Exploits0References2
cvelist
cvelist
added 2026/06/24 3:8 p.m.37 views

CVE-2026-50710 Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config

A Stored Cross-Site Scripting XSS vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component...

4.6CVSS0.00256EPSS
Exploits0References2
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.12 views

PT-2026-51833

Name of the Vulnerable Software and Affected Versions Frappe Framework version 17.0.0-dev Description A Stored Cross-Site Scripting XSS issue occurs in the Number Card component when user-controlled data is unsafely evaluated. This happens specifically within the filters config variable, where th...

4.6CVSS6.2AI score0.00256EPSS
Exploits0References6
ptsecurity
ptsecurity
added 2026/06/24 12:0 a.m.15 views

PT-2026-51834

Name of the Vulnerable Software and Affected Versions Frappe Framework version 17.0.0-dev Description A Stored Cross-Site Scripting XSS issue exists due to improper neutralization of user-controlled input within the Number Card component, specifically affecting the rendering of filter fields...

4.6CVSS6.1AI score0.00256EPSS
Exploits0References6
Rows per page
Query Builder