Exposición de Frappe
Web frameworks45
score de exposición
472
sitios usan
0
en explotación
3
críticos
CVEs
48 resultadosCVE-2023-46127MEDIUMFrappe vulnerable to HTML injection by any Desk userEPSS 37.0%CVE-2026-39352HIGHFrappe has an Arbitrary File Read via Path Traversal in render_includeEPSS 1.3%CVE-2022-23055—ERPNext - Improper user access conrolEPSS 1.1%CVE-2022-41712MEDIUMFrappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does nEPSS 0.9%CVE-2022-23058—ERPNext - Stored XSS in My SettingsEPSS 0.8%CVE-2024-24813HIGHFrappe SQL Injection from reporting logicEPSS 0.6%CVE-2025-30213MEDIUMFrappe has Possibility of Remote Code Execution due to improper validationEPSS 0.6%CVE-2024-27105HIGHFrappe File Permissions can by bypassed using certain endpointsEPSS 0.6%CVE-2022-3988LOWFrappe Search navbar_search.html cross site scriptingEPSS 0.6%CVE-2022-23057—ERPNext - Stored XSS in My ProfileEPSS 0.6%CVE-2024-34074MEDIUMFrappe vuilnerable to an open redirect on login pageEPSS 0.6%CVE-2023-41328MEDIUMPossibility limited SQL injection due to insufficient validation in FrappeEPSS 0.4%CVE-2025-68929CRITICALFrappe may be vulnerable remote code execution due to server-side template injectionEPSS 0.4%CVE-2025-30212MEDIUMFrappe has possibility of SQL injection due to improper validationsEPSS 0.4%CVE-2025-52898HIGHFrappe account takeover via password reset token leakageEPSS 0.4%CVE-2024-24812MEDIUMFrappe Authenticated Reflected Cross site scripting (XSS) in portal pagesEPSS 0.4%CVE-2025-30214HIGHFrappe vulnerable to information disclosure leading to account takeoverEPSS 0.4%CVE-2025-68953HIGHCertain Frappe requests are vulnerable to Path TraversalEPSS 0.4%CVE-2025-52895HIGHFrappe possibility of SQL injection due to improper validationsEPSS 0.3%CVE-2025-55731MEDIUMFrappe has the possibility of Authenticated SQL Injection due to improper validationsEPSS 0.3%
¿Quieres saber si tu infraestructura está expuesta a esto?
Hablar con TrueHacking →