Skip to content

NuytsTech Security

  • Home
  • Terms of Use
    • Privacy Policy
  • Blog
  • Updates
  • Cloud Hosting
  • Contact

NuytsTech Security

  • Home
  • Terms of Use
    • Privacy Policy
  • Blog
  • Updates
  • Cloud Hosting
  • Contact
  • Vulnerabilities

CVE-2022-23057

by Fred · 22/06/2022

In ERPNext, versions v12.0.9–v13.0.3 are vulnerable to Stored Cross-Site-Scripting (XSS), due to user input not being validated properly. A low privileged attacker could inject arbitrary code into input fields when editing his profile.

Date published : 2022-06-22

https://github.com/frappe/frappe/commit/497ea…

https://www.mend.io/vulnerability-database/CV…

Share this:

  • Click to share on Twitter (Opens in new window)
  • Click to share on Facebook (Opens in new window)
  • Click to share on LinkedIn (Opens in new window)
  • Click to share on Tumblr (Opens in new window)
  • Click to share on Reddit (Opens in new window)
  • Click to share on Telegram (Opens in new window)

Related

Tags: Cybersecurity Alert

Follow us

  • Next story CVE-2022-2175
  • Previous story CVE-2021-41924

Current cyberalert

Recent Posts

  • CVE-2023-32787
  • CVE-2023-32784
  • CVE-2023-31986
  • CVE-2023-31845
  • CVE-2023-31844
  • CVE-2023-31843
  • CVE-2023-31842
  • CVE-2023-31631
  • CVE-2023-31630
  • CVE-2023-31629
  • CVE-2023-31628
  • CVE-2023-31627
  • CVE-2023-31626
  • CVE-2023-31625
  • CVE-2023-31624
  • CVE-2023-31623
  • CVE-2023-31622
  • CVE-2023-31621
  • CVE-2023-31620
  • CVE-2023-31619
  • CVE-2023-31618
  • CVE-2023-31617
  • CVE-2023-31616
  • CVE-2023-31615
  • CVE-2023-31614
  • CVE-2023-31613
  • CVE-2023-31612
  • CVE-2023-31611
  • CVE-2023-31610
  • CVE-2023-31609

Categories

  • Critical cyberalert
  • Vulnerabilities

Tags

CISA Cyberalert Cybersecurity Alert Russia Shields Up Ukraine

© 2020-2023 NUYTSTECH. All Rights Reserved. Use of the CVE (Common Vulnerabilities and Exposures) from this non-profit website are subject to the terms of use.