We read every piece of feedback, and take your input very seriously.
To see all available qualifiers, see our documentation.
A malicious Frappe user with desk access could create documents containing HTML payloads allowing HTML Injection.
No known workarounds exist, it's recommended to upgrade your Frappe version to latest version.
Summary
A malicious Frappe user with desk access could create documents containing HTML payloads allowing HTML Injection.
Workaround
No known workarounds exist, it's recommended to upgrade your Frappe version to latest version.