Skip to content

NuytsTech Security

  • Home
  • Terms of Use
    • Privacy Policy
  • Blog
  • Cloud Hosting
  • Updates
  • Contact

NuytsTech Security

  • Home
  • Terms of Use
    • Privacy Policy
  • Blog
  • Cloud Hosting
  • Updates
  • Contact
  • Vulnerabilities

CVE-2022-23058

by Fred · 22/06/2022

ERPNext in versions v12.0.9-v13.0.3 are affected by a stored XSS vulnerability that allows low privileged users to store malicious scripts in the ‘username’ field in ‘my settings’ which can lead to full account takeover.

Date published : 2022-06-22

https://github.com/frappe/frappe/commit/497ea861f481c6a3c52fe2aed9d0df1b6c99e9d7

https://www.mend.io/vulnerability-database/CVE-2022-23058

Share this:

  • Twitter
  • Facebook

Related

Tags: Cybersecurity Alert

Follow us

  • Next story CVE-2022-2175
  • Previous story CVE-2022-34008

Current cyberalert

Recent Posts

  • CVE-2022-34305
  • CVE-2022-34013
  • CVE-2022-34012
  • CVE-2022-34011
  • CVE-2022-33114
  • CVE-2022-33113
  • CVE-2022-31009
  • CVE-2022-2175
  • CVE-2022-34328
  • CVE-2022-34300
  • CVE-2022-34299
  • CVE-2022-34298
  • CVE-2022-34296
  • CVE-2022-34295
  • CVE-2022-34213
  • CVE-2022-34212
  • CVE-2022-34211
  • CVE-2022-34210
  • CVE-2022-34209
  • CVE-2022-34208
  • CVE-2022-34207
  • CVE-2022-34206
  • CVE-2022-34205
  • CVE-2022-34204
  • CVE-2022-34203
  • CVE-2022-34202
  • CVE-2022-34201
  • CVE-2022-34200
  • CVE-2022-34199
  • CVE-2022-34198

Categories

  • Critical cyberalert
  • Vulnerabilities

Tags

CISA Cyberalert Cybersecurity Alert Russia Shields Up Ukraine

© 2020-2022 NUYTSTECH. All Rights Reserved. Use of the CVE (Common Vulnerabilities and Exposures) from this non-profit website are subject to the terms of use.