ERPNext 跨站请求伪造漏洞

ERPNext is an open source enterprise resource planning solution from ERPNext India. ERPNext suffers from a cross-site request forgery vulnerability that can be exploited by attackers to cause unauthorized operations...

PT-2025-19726 · Erpnext · Erpnext

Name of the Vulnerable Software and Affected Versions: ERPNEXT versions 14.74.3 through 14.82.1 Description: A Cross-Site Request Forgery CSRF vulnerability was discovered, allowing an attacker to perform unauthorized actions such as user deletion, password resets, and privilege escalation due to...