CVE-2019-20519 | ERPNext 11.1.47 Email Address user/ PATH_INFO Reflected cross site scripting
A vulnerability classified as problematic was found in ERPNext 11.1.47. Affected by this vulnerability is an unknown functionality of the file user/ of the component Email Address Handler. The manipulation of the argument PATH_INFO leads to cross site scripting (Reflected).
This vulnerability is known as CVE-2019-20519. The attack can be launched remotely. There is no exploit available.