CVE-2019-20515

ERPNext 11.1.47 allows reflected XSS via the PATHINFO to the addresses/ URI...

EUVD-2019-11064

Malware in sbrugna...

ERPNext cross-site scripting vulnerability (CNVD-2020-19002)

ERPNext is an open source enterprise resource planning solution from ERPNext India. A cross-site scripting vulnerability exists in ERPNext version 11.1.47. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerabilit...

ERPNext Cross-Site Scripting Vulnerability (CNVD-2020-25805)

ERPNext is a free, open source, integrated enterprise resource planning software. A cross-site scripting vulnerability exists in ERPNext version 11.1.47. The vulnerability stems from a lack of proper validation of client-side data by the WEB application. An attacker can exploit the vulnerability ...

ERPNext Injection Vulnerability

ERPNext is an open source enterprise resource planning solution from ERPNext India. An injection vulnerability exists in ERPNext version 11.1.47, which arises from a lack of proper validation of user input data by a networked system or product during the course of a user's operation to enter...