CVE-2026-53568
Frappe: Stored XSS in Frappe Report/List View via 'set_link_title_field_value'
CVSS Score
0.0
EPSS Score
0.0%
EPSS Percentile
7th
Frappe is a full-stack web application framework. Prior to versions 15.107.2 and 16.17.4, there is a stored XSS vulnerablity in Frappe Report/List View. This issue has been patched in versions 15.107.2 and 16.17.4.
| CWE | CWE-79 |
| Vendor | frappe |
| Product | frappe |
| Published | Jun 12, 2026 |
| Last Updated | Jun 12, 2026 |
Stay Ahead of the Next One
Get instant alerts for frappe frappe
Be the first to know when new unknown vulnerabilities affecting frappe frappe are published โ delivered to Slack, Telegram or Discord.
Get Free Alerts โ
Free ยท No credit card ยท 60 sec setup
Affected Versions
frappe / frappe
< 15.107.2 < 16.17.4