Skip to main content

Frappe Framework Erpnext

1 CVEs product

Monthly

CVE-2023-54345 HIGH POC This Week

Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Frappe Framework Erpnext
NVD Exploit-DB GitHub
CVSS 4.0
8.7
EPSS
0.1%
EPSS 0% CVSS 8.7
HIGH POC This Week

Frappe Framework ERPNext 13.4.0 contains a sandbox escape vulnerability in RestrictedPython that allows authenticated users with System Manager role to execute arbitrary code by exploiting frame. Rated high severity (CVSS 8.7), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

Code Injection RCE Frappe Framework Erpnext
NVD Exploit-DB GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy