CVE-2019-20529
Published
CVSS v3
7.5
HIGH
CVSS v2
5
MEDIUM
Affected
1
PROJECT
Description
In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a link is sufficient) instead of private files.
Low code web framework for real world applications, in Python and Javascript
GitHub