Lucene search
K

5 matches found

CNNVD
CNNVD
added 2026/04/24 12:0 a.m.5 views

Press 跨站脚本漏洞

Press is a custom application developed by Frappe, based on the Frappe Cloud platform. Press has a cross-site scripting vulnerability, which stems from the redirection parameters on the login page, making them susceptible to reflection-type cross-site scripting attacks...

6.1CVSS5.6AI score0.00155EPSS
Exploits0References1
CNNVD
CNNVD
added 2026/04/24 12:0 a.m.11 views

Press 跨站请求伪造漏洞

Press is a custom application developed by Frappe that runs Frappe Cloud. Press has a cross-site request forgeing vulnerability. This vulnerability stems from the press.api.account.createapisecret endpoint, which is vulnerable to CSRF attacks. This endpoint can be accessed via a GET request and...

8.7CVSS5.7AI score0.00165EPSS
Exploits0References1
CNNVD
CNNVD
added 2025/09/18 12:0 a.m.1 views

Press 安全漏洞

Press is a Frappe open source Frappe custom application running Frappe Cloud. A security vulnerability exists in Press, which originates from an attacker being able to send repeated invitations resulting in the user's inbox being flooded...

6.9CVSS6.5AI score0.0041EPSS
Exploits0References3
Positive Technologies
Positive Technologies
added 2024/10/31 12:0 a.m.4 views

PT-2024-34165 · Frappe · Press

Name of the Vulnerable Software and Affected Versions: Press versions prior to the version containing commit ba0007c28ac814260f836849bc07d29beea7deb6 Description: The issue concerns a password reset vulnerability in Press, a custom app for Frappe Cloud that manages various services including...

7.4AI score0.00361EPSS
Exploits0References7
CNNVD
CNNVD
added 2024/10/31 12:0 a.m.4 views

Press 授权问题漏洞

Press is a Frappe open source Frappe custom application running Frappe Cloud. Press suffers from an authorization issue vulnerability that stems from allowing anyone with the right to bypass 2FA access to a mailbox to reset the password...

6.7AI score0.00361EPSS
Exploits0References2
Rows per page
Query Builder