What the vulnerability does
01Description
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ URI, as demonstrated by a crafted e-mail address.
CVSS base score
CVSS vector
CVSS:3.0/AC:L/AV:N/A:N/C:H/I:N/PR:N/S:C/UI:R
What the vulnerability does
ERPNext 11.1.47 allows reflected XSS via the PATH_INFO to the user/ URI, as demonstrated by a crafted e-mail address.
Key dates
External resources