Frappe · Frappe · CVE-2025-55732
Name of the Vulnerable Software and Affected Versions:
Frappe versions prior to 15.74.2
Frappe versions prior to 14.96.15
Description:
Frappe is a full-stack web application framework. Prior to versions 15.74.2 and 14.96.15, an attacker could perform SQL injection through specially crafted requests, potentially gaining unauthorized access to sensitive information. This issue bypasses a previously released patch.
Recommendations:
Update to Frappe version 15.74.2 or later.
Update to Frappe version 14.96.15 or later.