2 matches found
CVE-2024-50356
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. The password could be reset by anyone who have access to the mail inbox circumventing the 2FA. Even though they wouldn't be able to login by bypassing the 2FA. Onl...
PT-2024-34165 · Frappe · Press
Name of the Vulnerable Software and Affected Versions: Press versions prior to the version containing commit ba0007c28ac814260f836849bc07d29beea7deb6 Description: The issue concerns a password reset vulnerability in Press, a custom app for Frappe Cloud that manages various services including...