4 matches found
CVE-2024-50356
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. The password could be reset by anyone who have access to the mail inbox circumventing the 2FA. Even though they wouldn't be able to login by bypassing the 2FA. Onl...
CVE-2024-50356
creationtimestamp| type| source ---|---|--- 2024-10-31 20:17:04+00:00| seen| https://t.me/cvedetector/9518...
CVE-2024-50356
CVE-2024-50356 affects Press, a Frappe custom app (used with Frappe Cloud) that manages infrastructure, subscriptions and SaaS. The issue allows password resets by anyone with access to a user’s email inbox, circumventing 2FA, though logging in remains blocked for users who have 2FA enabled. A pa...
CVE-2024-50356 Press has a potential 2FA bypass
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. The password could be reset by anyone who have access to the mail inbox circumventing the 2FA. Even though they wouldn't be able to login by bypassing the 2FA. Onl...