A vulnerability was found in Frappe. It has been rated as problematic. Affected by this issue is some unknown functionality of the file frappe/templates/includes/navbar/navbar_search.html of the component Search. The manipulation of the argument q leads to cross site scripting. The attack may be launched remotely. The name of the patch is bfab7191543961c6cb77fe267063877c31b616ce. It is recommended to apply a patch to fix this issue. The identifier of this vulnerability is VDB-213560.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/3xxx/CVE-2022-3988.json",
"cna_assigner": "VulDB",
"cwe_ids": [
"CWE-707"
]
}{
"cpe": "cpe:2.3:a:frappe:frappe:*:*:*:*:*:*:*:*",
"extracted_events": [
{
"introduced": "0"
},
{
"last_affected": "14.14.3"
}
],
"source": [
"CPE_RANGE",
"REFERENCES"
]
}