Frappe: >> Erpnext >> 10.1.77 Security Vulnerabilities
ERP is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15.0.0 through 15.75.1, lack of validation of parameters left certain endpoints vulnerable to error-based SQL Injection. Some information like version could be retrieved. This issue is fixed in versions 14.89.2 and 15.76.0.
CVSS Score
8.1
EPSS Score
0.0
Published
2025-09-06