All 37 CVE vulnerabilities found in frappe, with AI-generated Chinese analysis, references, and POCs.
Vendor: frappe
| CVE ID | Title | CVSS | Severity | Paused |
|---|---|---|---|---|
| CVE-2023-46127 | Frappe vulnerable to HTML injection by any Desk user CWE-79 | 5.4 | Medium | 2023-10-23 |
| CVE-2023-41328 | Possibility limited SQL injection due to insufficient validation in Frappe CWE-89 | 4.2 | Medium | 2023-09-06 |
| CVE-2022-41712 | Frappe Technologies Frappe 路径遍历漏洞 | 6.3 | - | 2022-11-25 |
| CVE-2022-3988 | Frappe Search navbar_search.html cross site scripting CWE-707 | 3.5 | Low | 2022-11-14 |
| CVE-2022-23055 | ERPNext - Improper user access conrol CWE-862 | 8.1 | - | 2022-06-22 |
| CVE-2022-23058 | ERPNext - Stored XSS in My Settings CWE-79 | 5.4 | - | 2022-06-22 |
| CVE-2022-23057 | ERPNext - Stored XSS in My Profile CWE-79 | 5.4 | - | 2022-06-22 |
All 37 known CVE vulnerabilities affecting frappe with full Chinese analysis, references, and POCs where available.