4 matches found
EUVD-2025-30203
Malicious code in bioql PyPI...
CVE-2025-59421
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. A bad actor can flood the inbox of a user by repeatedly sending invites duplicate. The issue is fixed in commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615...
CVE-2025-59421
CVE-2025-59421 affects Press, a Frappe custom app running on Frappe Cloud. The issue is a lack of validation and rate limiting that allows a malicious actor to flood a user’s inbox by repeatedly sending duplicate invitations. The vulnerability is mitigated by the fix committed as 83c3fc7676c5dbbe...
CVE-2025-59421 Press vulnerable to email flooding to users due to lack of validation and rate limits
Press, a Frappe custom app that runs Frappe Cloud, manages infrastructure, subscription, marketplace, and software-as-a-service SaaS. A bad actor can flood the inbox of a user by repeatedly sending invites duplicate. The issue is fixed in commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615...