Frappe · Frappe Erpnext · CVE-2018-11339
**Name of the Vulnerable Software and Affected Versions**
Frappe ERPNext versions prior to the fixed version
**Description**
A cross-site scripting (XSS) issue was discovered in Frappe ERPNext. The issue is related to a comment.
**Recommendations**
At the moment, there is no information about a newer version that contains a fix for this vulnerability.