CVE-2026-50710

Sažetak

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component.

Reference

https://fluidattacks.com/es/advisories/sum41
https://github.com/frappe/frappe
https://fluidattacks.com/es/advisories/sum41

CVSS

Base:	0.0
Impact:	None
Exploitability:	None

Pristup

Vektor	Složenost	Autentikacija
None	None	None

Impact

Povjerljivost	Cjelovitost	Dostupnost
None	None	None

CVSS vektor

None

Zadnje važnije ažuriranje

25-06-2026 - 14:04

Objavljeno

24-06-2026 - 16:16