Frappe is a low code web framework written in Python and Javascript. A SQL Injection vulnerability has been identified in the Frappe Framework which could allow a malicious actor to access sensitive information. This issue has been addressed in versions 13.46.1 and 14.20.0. Users are advised to upgrade. There's no workaround to fix this without upgrading.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2023-09-06T17:46:45.689Z
Updated: 2024-08-02T19:01:33.610Z
Reserved: 2023-08-28T16:56:43.366Z
Link: CVE-2023-41328
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2023-09-06T18:15:09.047
Modified: 2023-09-11T18:05:46.093
Link: CVE-2023-41328
Redhat
No data.