Security Advisory

CVE-2022-23056

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-06-22 07:25:16

Last updated 2024-09-17 03:59:39

Assigner Mend

State PUBLISHED

Description

In ERPNext, versions v13.0.0-beta.13 through v13.30.0 are vulnerable to Stored XSS at the Patient History page which allows a low privilege user to conduct an account takeover attack.

← Browse all CVEs View on cve.org ↗