Try ERPNext Try Frappe Cloud Buy Support Partners Foundation

Stored XSS in ERPnext Demo website

in the erpnext demo in below link
https://demo.erpnext.com/desk#Form/Asset%20Repair/ARLOG-00001

and functionality “Comment” is vulnerable to XSS like Stored , Reflected , Cookie , possible for more

and follow the below images

to get confirm

impact: An attacker can use this vulnerability to inject malicious code into the application, which will execute in the browser of any user who is viewing the relevant application content. The attacker code can perform wide variety of actions such as stealing the target user cookies or performing actions on their behalf and also can capture the keystrokes of the user.

2 Likes

Thanks for reporting. We will fix it soon. You can follow it’s development here: https://github.com/frappe/frappe/issues/5546

This has been assigned a CVE - CVE-2018-11339

More details are available at https://exchange.xforce.ibmcloud.com/vulnerabilities/143723