Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config
4.6
Medium
Detected by
Fluid Attacks AI SAST Scanner
Disclosed by
Oscar Uribe
Summary
Full name
Frappe Framework 17.0.0-dev - Stored XSS via eval in Number Card filters_config
Code name
State
Public
Release date
Affected product
Frappe Framework
Vendor
Frappe
Affected version(s)
17.0.0-dev
Vulnerability name
Stored cross-site scripting (XSS)
Vulnerability type
Remotely exploitable
Yes
CVSS v4.0 vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:A/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N
CVSS v4.0 base score
4.6
Exploit available
Yes
CVE ID(s)
Description
A Stored Cross-Site Scripting (XSS) vulnerability exists in Frappe Framework version 17.0.0-dev due to unsafe evaluation of user-controlled data in the Number Card component. An authenticated attacker can create or modify a Number Card and store a malicious payload in the filters_config field.
When another user opens the affected Number Card in Desk, client-side code evaluates the stored filters_config value using eval, resulting in arbitrary JavaScript execution in the victim's browser. Multiple reported variants have been consolidated under a single vulnerability because they share the same root source (filters_config) and execution sink (eval).
Vulnerability
Case 1: Stored JS execution via eval (primary case)
Source: attacker-controlled input in
Number Card.filters_config(Type = Custom).Persistence: value is stored and returned to Desk clients when the document is opened.
Primary sink:
frm.filters = eval(frm.doc.filters_config);on refresh.frm.filters = eval(frm.doc.filters_config);onfilters_configchange.
Impact: arbitrary JavaScript executes in the authenticated victim browser context.
Case 2: Derived HTML injection path after eval (same CVE, same root cause)
After
eval, the generated filter data is rendered into HTML rows using template literals.render_filters_tableandset_dynamic_filters_in_tableappend HTML via jQuery.append()/.html().This is treated as a secondary/derived path of the same vulnerability family, not a separate CVE, because exploitation is already achieved at
eval.
Relevant code:
frappe/frappe/desk/doctype/number_card/number_card.js:25frappe/frappe/desk/doctype/number_card/number_card.js:93frappe/frappe/desk/doctype/number_card/number_card.js:197-255frappe/frappe/desk/doctype/number_card/number_card.js:548-568frappe/frappe/desk/doctype/number_card/number_card.py:205-212(whitelisted creation path)
PoC
Reproduction
Login to Desk:
http://localhost:18080/login
Open Number Card list:
http://localhost:18080/desk/number-card/view/list
Click
Add Number Card.Set fields:
Label:MCP Eval XSS PoC 2Type:CustomMethod:frappe.desk.doctype.number_card.number_card.get_resultFilters Configuration:(alert(9222), [])
Click
Save.Observe that alert executes.
Return to list view and open
MCP Eval XSS PoC 2again.Observe alert executes again (stored/persistent behavior).
Expected result:
JavaScript
alert(9222)executes in the browser when the malicious Number Card is opened.
Evidence of Exploitation
Video of exploitation
Static evidence
Our security policy
We have reserved the ID CVE-2026-50705 to refer to this issue from now on.
System Information
Frappe Framework
Version 17.0.0-dev
Operating System: Any
References
Github Repository: https://github.com/frappe/frappe
Mitigation
There is currently no patch available for this vulnerability.
Credits
The vulnerability was discovered by Oscar Uribe from Fluid Attacks' Offensive Team using the AI SAST Scanner.
Timeline
Vulnerability discovered
Vendor contacted
Vendor replied
Public disclosure
Does your application use this vulnerable software?
During our free trial, our tools assess your application, identify vulnerabilities, and provide recommendations for their remediation.
