CVE-2026-38431 | Frappe ERPNext up to 15.103.1 Template Expression special elements used in a template engine

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability has been found in Frappe ERPNext up to 15.103.1 and classified as critical. The impacted element is an unknown function of the component Template Expression Handler. Performing a manipulation results in improper neutralization of special elements used in a template engine.

This vulnerability was named CVE-2026-38431. The attack may be initiated remotely. There is no available exploit.

CVE-2026-38431 | Frappe ERPNext up to 15.103.1 Template Expression special elements used in a template engine

Post correlati

CVE-2024-28710 | LimeSurvey up to 6.4.x Alert Widget cross site scripting

CVE-2024-9675 | Buildah Cache Mount path traversal

CVE-2024-53156 | Linux Kernel up to 6.12.1 ath9k htc_hst.c htc_connect_service array index

CVE-2025-22748 | SetMore Appointments SetMore Theme up to 1.1 on WordPress cross site scripting