PT-2025-40244
Name of the Vulnerable Software and Affected Versions Frappe ERPNext version 15.57.5 Description The function get blanket orders at erpnext/controllers/queries.py is susceptible to SQL Injection. An attacker can potentially extract information from databases by injecting a SQL query into the...