Vulnerability in N/a
CVE-2026-31017
A Server-Side Request Forgery (SSRF) vulnerability exists in the Print Format functionality of ERPNext v16.0.1 and Frappe Framework v16.1.1, where user-supplied HTML is insufficiently sanitized before being rendered into PDF. When generati…
EPSS: 0.000 (13.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a