Sql injection

2019-08-1218:15:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

High

0.003 Low

EPSS

Percentile

68.3%

An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. There exists an authenticated SQL injection.

CPENameOperatorVersion
frappege10.0.0
frappele12.0.4

CPE	Name	Operator	Version
	frappe	ge	10.0.0
	frappe	le	12.0.4

References

github.com/frappe/frappe/compare/v12.0.3...v12.0.4

github.com/frappe/frappe/pull/8044

github.com/frappe/frappe/pull/8045

github.com/frappe/frappe/pull/8046

github.com/frappe/frappe/pull/8047

github.com/frappe/frappe/releases/tag/v12.0.4