CVE-2026-42840 | Frappe ERPNext 16.16.0 email_id/mobile_no cross site scripting

A vulnerability marked as problematic has been reported in Frappe ERPNext 16.16.0. Impacted is an unknown function. This manipulation of the argument email_id/mobile_no causes cross site scripting.

This vulnerability is tracked as CVE-2026-42840. The attack is possible to be carried out remotely. No exploit exists.VulDB Recent EntriesRead More