Frappe ERPNext 12.29.0 is vulnerable to XSS where the software does not neutralize or incorrectly neutralize user-controllable input before it is placed in output that is used as a web page that is served to other users.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published:

Updated: 2026-07-09T00:18:35.782Z

Reserved: 2022-04-04T00:00:00.000Z

Link: CVE-2022-28598

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2022-08-22T17:15:08.123

Modified: 2026-06-17T04:38:41.553

Link: CVE-2022-28598

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

No data.