CVE-2026-44207 Frappe: Insecure Direct Object Reference for email accounts

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, an IDOR vulnerability allows authenticated users to access other users' email configuration details. This issue has been patched in versions 15.107.0 and 16.17.0...

CVE-2026-44207

CVE-2026-44207 affects the Frappe full‑stack web framework. It is an insecure direct object reference (IDOR) that allows authenticated users to access other users’ email configuration details. Affected versions are prior to 15.107.0 and 16.17.0. The issue has been patched in 15.107.0 and 16.17.0....

Privilege escalation leads unauthorized user to edit email batch configurations - CVE-2021-41313

Affected versions of Atlassian Jira Server and Data Center allow authenticated but non-admin remote attackers to edit email batch configurations via an Improper Authorization vulnerability in the /secure/admin/ConfigureBatching!default.jspa endpoint. The affected versions are before version 8.21....

Weak Password Vulnerability in Isthmus Electronic Document Security Management System

Electronic document security management system referred to as: CDG is an electronic document security protection software. Document security management system background configuration system there is a default password, the attacker can enter the background through the default password to obtain...