A7Mad96

**Name of the Vulnerable Software and Affected Versions** Frappe versions prior to 14.74.0 Frappe versions prior to 15.26.0 **Description** The login page of Frappe accepts a redirect argument, allowing redirects to untrusted external URLs. This behavior can be exploited by malicious actors for phishing purposes. **Recommendations** For versions prior to 14.74.0, update to version 14.74.0 to resolve the issue. For versions prior to 15.26.0, update to version 15.26.0 to resolve the issue.