CVE-2023-41328

Frappe is a low code web framework written in Python and Javascript. A SQL Injection vulnerability has been identified in the Frappe Framework which could allow a malicious actor to access sensitive information. This issue has been addressed in versions 13.46.1 and 14.20.0. Users are advised to upgrade. There’s no workaround to fix this without upgrading. (CVSS:7.5) (Last Update:2023-09-11 18:05:46)   Latest security vulnerabilities (SQL Injection) (CVSS score >= 4) 

​ 

 

More To Explore