CVE-2026-50700

CVE-2026-50700CVE-2026-50700

Description

A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled input in the frappe.get_avatar function.

Scoring

Last modified2026-06-24
Sourced from NVD. Curated for EU compliance use cases by Adam Lundqvist, Founder at SQUR.