Lucene search
K

6 matches found

NVD
NVD
added 2026/06/12 4:16 p.m.7 views

CVE-2026-44208

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of validations in the "submitdiscussion" endpoint allows for unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9CVSS0.00321EPSS
Exploits0References1
Vulnrichment
Vulnrichment
added 2026/06/12 2:26 p.m.9 views

CVE-2026-44208 Frappe: IDOR in `submit_discussion()`

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of validations in the "submitdiscussion" endpoint allows for unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9CVSS5.2AI score0.00321EPSS
Exploits0References1
EUVD
EUVD
added 2026/06/12 2:26 p.m.7 views

EUVD-2026-36485

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of validations in the "submitdiscussion" endpoint allows for unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9CVSS5.2AI score0.00321EPSS
Exploits0References1
CVE
CVE
added 2026/06/12 2:26 p.m.16 views

CVE-2026-44208

CVE-2026-44208 affects the Frappe framework (full-stack web app). A lack of input/permission validations in the submit_discussion() endpoint allows unauthorized access to resources (IDOR) in affected builds. The issue is fixed in versions 15.107.0 and 16.17.0; prior releases were vulnerable. No e...

6.9CVSS5.2AI score0.00321EPSS
Exploits0References1
Cvelist
Cvelist
added 2026/06/12 2:26 p.m.25 views

CVE-2026-44208 Frappe: IDOR in `submit_discussion()`

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of validations in the "submitdiscussion" endpoint allows for unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9CVSS0.00321EPSS
Exploits0References1
Positive Technologies
Positive Technologies
added 2026/06/12 12:0 a.m.19 views

PT-2026-48891

Frappe is a full-stack web application framework. Prior to versions 15.107.0 and 16.17.0, lack of validations in the "submit discussion" endpoint allows for unauthorized access to resources. This issue has been patched in versions 15.107.0 and 16.17.0...

6.9CVSS5.2AI score0.00321EPSS
Exploits0References2
Rows per page
Query Builder