6 matches found
EUVD-2019-11069
Malware in sbrugna...
Frappe Technologies Frappe Information Disclosure Vulnerability
Frappe Technologies Frappe is a metadata-driven full-stack web application framework based on Python and JavaScript from Frappe Technologies, India. An information disclosure vulnerability exists in Frappe Technologies Frappe versions 11 and 12, which originates in the...
CVE-2019-20529
In core/doctype/preparedreport/preparedreport.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files no authentication is required to access; having a link is sufficient instead of private files...
CVE-2019-20529
In core/doctype/preparedreport/preparedreport.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files no authentication is required to access; having a link is sufficient instead of private files...
CVE-2019-20529
CVE-2019-20529 affects Frappe 11 and 12: in core/doctype/prepared_report/prepared_report.py, data files generated by Prepared Report were stored as public files (no authentication required) instead of private files, enabling information disclosure via a link. The issue is documented across multip...
CVE-2019-20529
In core/doctype/preparedreport/preparedreport.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files no authentication is required to access; having a link is sufficient instead of private files...