Vulnerabilities > Frappe > Frappe > 14.10.0

DATE CVE VULNERABILITY TITLE RISK
2024-02-07 CVE-2024-24812 Cross-site Scripting vulnerability in Frappe
Frappe is a full-stack web application framework that uses Python and MariaDB on the server side and a tightly integrated client side library.
network
low complexity
frappe CWE-79
5.4
5.4
2023-10-23 CVE-2023-46127 Cross-site Scripting vulnerability in Frappe
Frappe is a full-stack web application framework that uses Python and MariaDB on the server side and an integrated client side library.
network
low complexity
frappe CWE-79
5.4
5.4
2023-09-06 CVE-2023-41328 SQL Injection vulnerability in Frappe
Frappe is a low code web framework written in Python and Javascript.
network
low complexity
frappe CWE-89
7.5
7.5
2022-11-25 CVE-2022-41712 Path Traversal vulnerability in Frappe 14.10.0
Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files.
network
low complexity
frappe CWE-22
6.5
6.5
2022-11-14 CVE-2022-3988 Cross-site Scripting vulnerability in Frappe
A vulnerability was found in Frappe.
network
low complexity
frappe CWE-79
6.1
6.1