MEDIUM - zero redgem

Recent Advisories

Severity	ID	Title	Vendor	Product	Date	Type
MEDIUM 4.6	CVE-2026-50710	Frappe Framework 17.0.0-dev – Stored XSS via eval in Number Card filters_config_CVE-2026-50710 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50709	Frappe Framework 17.0.0-dev – Stored XSS in Notifications Events color rendering_CVE-2026-50709 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50708	Frappe Framework 17.0.0-dev – Stored XSS in Multi Select Dialog result rendering_CVE-2026-50708 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50705	Frappe Framework 17.0.0-dev – Stored XSS in Form Dashboard headline rendering_CVE-2026-50705 A Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of untrusted input in the F...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50704	Frappe Framework 17.0.0-dev – Reflected/Stored XSS in File View breadcrumbs rendering_CVE-2026-50704 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.8	CVE-2026-50703	Frappe Framework 17.0.0-dev – Stored XSS in Desktop Icon label rendering_CVE-2026-50703 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 5.1	CVE-2026-50701	Frappe Framework 17.0.0-dev – Reflected DOM XSS in dashboard-view breadcrumb rendering_CVE-2026-50701 A Reflected Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlle...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 4.6	CVE-2026-50700	Frappe Framework 17.0.0-dev – Stored XSS in frappe.get_avatar image rendering_CVE-2026-50700 A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to improper neutralization of user-controlled i...	Frappe	Frappe Framework 17.0.0-dev	Jun 24, 2026	CVE
MEDIUM 5.4	CVE-2026-10531	AI Share & Summarize < 2.0.4 - Contributor+ Stored XSS via title_style Shortcode Attribute_CVE-2026-10531 The AI Share & Summarize WordPress plugin before 2.0.4 does not sanitise and escape some of its shortcode attributes before outputting them in a pa...	Unknown	AI Share & Summarize	Jun 24, 2026	CVE
MEDIUM 5.3	CVE-2026-56761	hono – HTML Injection via Improper JSX Attribute Name Handling in SSR_CVE-2026-56761 hono before 4.12.14 contains an html injection vulnerability in jsx server-side rendering that allows attackers to inject unintended html by using ...	hono	hono	Jun 24, 2026	CVE