Описание
An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists.
An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2019-14965
- https://github.com/frappe/frappe/pull/8044
- https://github.com/frappe/frappe/pull/8045
- https://github.com/frappe/frappe/pull/8046
- https://github.com/frappe/frappe/pull/8047
- https://github.com/frappe/frappe/compare/v12.0.3...v12.0.4
- https://github.com/frappe/frappe/releases/tag/v12.0.4
EPSS
Процентиль: 82%
0.01802
Низкий
CVE ID
Связанные уязвимости
CVSS3: 9.8
nvd
больше 6 лет назад
An issue was discovered in Frappe Framework 10 through 12 before 12.0.4. A server side template injection (SSTI) issue exists.
EPSS
Процентиль: 82%
0.01802
Низкий