Haider87Kareem

**Name of the Vulnerable Software and Affected Versions** Frappe versions prior to 14.59.0 Frappe versions prior to 15.5.0 **Description** Frappe is a full-stack web application framework that uses Python and MariaDB on the server side and a tightly integrated client side library. The issue is related to Cross-Site Scripting (XSS) in portal pages, which can be used to inject malicious JS code if a user clicks on a malicious link. **Recommendations** For versions prior to 14.59.0, update to version 14.59.0 or later. For versions prior to 15.5.0, update to version 15.5.0 or later.