1 matches found
CVE-2017-1000120
ERPNextFrappe Version = 7.1.27 SQL injection vulnerability in frappe.share.getusers allows remote authenticated users to execute arbitrary SQL commands via the fields parameter...