Breadgenie

**Name of the Vulnerable Software and Affected Versions** Press versions prior to commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615 **Description** Press, a Frappe custom app used for managing infrastructure, subscriptions, marketplace operations, and software-as-a-service (SaaS), is susceptible to a flaw that allows a malicious actor to flood a user's inbox with repeated invitations (duplicates). **Recommendations** Update to commit 83c3fc7676c5dbbe1fd5092d21d95a10c7b48615 to resolve the issue.

Name of the Vulnerable Software and Affected Versions: Press versions (affected versions not specified) Description: The issue concerns a lack of server-side validation for 2FA login, allowing users to circumvent this security measure. Press is a Frappe custom app that manages infrastructure, subscription, marketplace, and software-as-a-service (SaaS) for Frappe Cloud. Recommendations: At the moment, there is no information about a newer version that contains a fix for this vulnerability.