A vulnerability was found in Frappe. It has been rated as problematic. Affected by this issue is some unknown functionality of the file frappe/templates/includes/navbar/navbar_search.html of the component Search. The manipulation of the argument q leads to cross site scripting. The attack may be launched remotely. The name of the patch is bfab7191543961c6cb77fe267063877c31b616ce. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213560.
References
Link | Resource |
---|---|
https://github.com/frappe/frappe/commit/bfab7191543961c6cb77fe267063877c31b616ce | Patch Third Party Advisory |
https://github.com/frappe/frappe/pull/18847 | Patch Third Party Advisory |
https://vuldb.com/?id.213560 | Permissions Required Third Party Advisory VDB Entry |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: VulDB
Published: 2022-11-14T00:00:00
Updated: 2022-11-14T00:00:00
Reserved: 2022-11-14T00:00:00
Link: CVE-2022-3988
JSON object: View
NVD Information
Status : Modified
Published: 2022-11-14T11:15:10.123
Modified: 2023-11-07T03:52:04.563
Link: CVE-2022-3988
JSON object: View
Redhat Information
No data.