Frappe · Frappe · CVE-2024-24813
**Name of the Vulnerable Software and Affected Versions**
Frappe versions prior to 14.64.0 and 15.0.0
**Description**
The issue is related to SQL injection from a particular whitelisted method, which can result in access to data that the user does not have permission to access. There are no known workarounds available for this issue.
**Recommendations**
For versions prior to 14.64.0, update to version 14.64.0 or later.
For versions prior to 15.0.0, update to version 15.0.0 or later.