CVE-2026-55242: CWE-863: Incorrect Authorization in frappe erpnext
ERPNext is a free and open source Enterprise Resource Planning tool. Prior to 15.111.0 and 16.22.0, an authenticated user with a standard operational role can trigger server-side template injection…
Read the full article2d agoen
Comments
Sign in to join the conversation.
No comments yet. Be the first.