CVE-2026-42839 | Frappe ERPNext 16.16.0 Description item_name/description/image cross site scripting

A vulnerability identified as problematic has been detected in Frappe ERPNext 16.16.0. This vulnerability affects unknown code of the component Description Handler. The manipulation of the argument item_name/description/image leads to cross site scripting.

This vulnerability is referenced as CVE-2026-42839. Remote exploitation of the attack is possible. No exploit is available.VulDB Recent EntriesRead More