Frappe · Frappe · CVE-2023-41328
**Name of the Vulnerable Software and Affected Versions**
Frappe versions prior to 13.46.1
Frappe versions prior to 14.20.0
**Description**
A SQL Injection issue has been identified in the Frappe Framework, which could allow a malicious actor to access sensitive information.
**Recommendations**
For versions prior to 13.46.1, upgrade to version 13.46.1 or later.
For versions prior to 14.20.0, upgrade to version 14.20.0 or later.