CVE-2026-38432 | Frappe ERPNext up to 15.103.1 Email Template cross site scripting

Inserito da Angelo Barbosa | Mag 5, 2026 | CVE

A vulnerability was found in Frappe ERPNext up to 15.103.1. It has been declared as problematic. Affected is an unknown function of the component Email Template Handler. The manipulation results in cross site scripting.

This vulnerability is identified as CVE-2026-38432. The attack can be executed remotely. There is not any exploit available.

CVE-2026-38432 | Frappe ERPNext up to 15.103.1 Email Template cross site scripting

Post correlati

CVE-2025-50466 | OpenMetadata up to 1.4.4 TestDefinitionDAO Interface listCount entityType sql injection

CVE-2025-14842 | glenwpcoder Drag and Drop Multiple File Upload for Contact Form 7 Plugin unrestricted upload

CVE-2024-12504 | Broadcast Live Video Plugin up to 6.1.9 on WordPress cross site scripting

CVE-2026-29060 | Forceu Gokapi up to 2.2.2 Auth Token access control