CNNVD-202602-352 Information
Feb 03, 2026
cve
CNNVD ID
CNNVD-202602-352
Related CVE
- CNNVD Published: 2026-02-03
Description (Chinese)
ERPNext是印度ERPNext公司的一套开源的企业资源计划解决方案。 ERPNext 15.88.1及之前版本存在安全漏洞,该漏洞源于未清理或移除纯文本字段中的HTML标签,可能导致钓鱼攻击或恶意软件传播。
Description (English)
ERPNext is an open-source enterprise resource plan solution for ERPNext in India. ERPNext 15.88.1 and previous versions contain a security loophole, which stems from uncleaned or removed HTML labels in plain text fields, which may lead to fishing attacks or malicious software dissemination.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
ERPNext
Published
2026-02-03
Last Modified
2026-02-24
References
https://github.com/frappe/frappe_docker.git
Patch
https://github.com/frappe/frappe_docker/releases
Share on: