Vulnerability Details CVE-2018-11339
An XSS issue was discovered in Frappe ERPNext v11.x.x-develop b1036e5 via a comment.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.056
EPSS Ranking 89.9%
CVSS Severity
CVSS v3 Score 6.1
CVSS v2 Score 4.3
References
- https://discuss.erpnext.com/t/stored-xss-in-erpnext-demo-website/36587
- https://github.com/frappe/frappe/issues/5546
- https://www.exploit-db.com/exploits/44691/
- https://discuss.erpnext.com/t/stored-xss-in-erpnext-demo-website/36587
- https://github.com/frappe/frappe/issues/5546
- https://www.exploit-db.com/exploits/44691/