Vulnerabilities > Frappe > Erpnext > 12.16.2

DATE CVE VULNERABILITY TITLE RISK
2022-06-22 CVE-2022-23057 Cross-site Scripting vulnerability in Frappe Erpnext
In ERPNext, versions v12.0.9--v13.0.3 are vulnerable to Stored Cross-Site-Scripting (XSS), due to user input not being validated properly.
network
low complexity
frappe CWE-79
5.4
5.4