Nixpkgs security tracker
Untriaged
Frappe Workspace modification and stored XSS due to improper resource ownership checks
Frappe is a full-stack web application framework. Prior to 14.100.2, 15.101.0, and 16.10.0, due to a lack of validation and improper permission checks, users could modify other user's private workspaces. Specially crafted requests could lead to stored XSS here. This vulnerability is fixed in 14.100.2, 15.101.0, and 16.10.0.
References
-
https://github.com/frappe/frappe/security/advisories/GHSA-qmhf-rgx2-8p25 x_refsource_CONFIRM
Affected products
frappe
- ==< 16.10.0
Matching in nixpkgs
pkgs.nixos-artwork.wallpapers.catppuccin-frappe
Catppuccin Frappé colorscheme wallpaper for NixOS
-
nixos-unstable 2024-02-15
- nixpkgs-unstable 2024-02-15
- nixos-unstable-small 2024-02-15
-
nixos-25.11 2024-02-15
- nixos-25.11-small 2024-02-15
- nixpkgs-25.11-darwin 2024-02-15
pkgs.nixos-artwork.wallpapers.nineish-catppuccin-frappe
Catppuccin Frappe wallpaper for Nix inspired by simpler times
-
nixos-unstable 2025-01-27
- nixpkgs-unstable 2025-01-27
- nixos-unstable-small 2025-01-27
-
nixos-25.11 2025-01-27
- nixos-25.11-small 2025-01-27
- nixpkgs-25.11-darwin 2025-01-27
pkgs.nixos-artwork.wallpapers.nineish-catppuccin-frappe-alt
Alternative Catppuccin Frappe wallpaper for Nix inspired by simpler times
-
nixos-unstable 2025-01-27
- nixpkgs-unstable 2025-01-27
- nixos-unstable-small 2025-01-27
-
nixos-25.11 2025-01-27
- nixos-25.11-small 2025-01-27
- nixpkgs-25.11-darwin 2025-01-27