Security Advisory

CVE-2024-49751

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-10-23 15:45:12

Last updated 2024-10-23 16:27:13

Assigner GitHub_M

State PUBLISHED

Description

Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS). Prior to commit 5d118a902872d7941f099ad1fb918e2421e79ccd, a user could inject HTML through SaaS signup inputs. The user who injected the unsafe HTML code would only affect themselves and would not affect other users. Commit 5d118a902872d7941f099ad1fb918e2421e79ccd patches this bug.

← Browse all CVEs View on cve.org ↗