Alerts
Events
DCR
Explore Cyware Products
Alerts
Events
DCR
Go to listing page
Structured Query Language Injection in frappe.desk.reportview.get_list Endpoint in Frappe Framework
Malware and Vulnerabilities
May 28, 2025
seclists
A critical authenticated SQL injection vulnerability has been identified in the Frappe Framework, specifically affecting the `frappe.desk.reportview.get_list` API endpoint in version v15.56.1.
Read More
Frappe Framework
SQL injection
API Vulnerability
get_list Endpoint
Authenticated Attack
Publisher
Previous
Chrome 137 Fixes Critical Use-After-Free and Memory Cor ...
Malware and Vulnerabilities
Next
Fake Java Update Popup Found in Malicious WordPress Plu ...
Malware and Vulnerabilities
/https://cyware-ent.s3.amazonaws.com/image_bank/e314_shutterstock_2011104851.jpeg)
/https://cyware-ent.s3.amazonaws.com/image_bank/72d5_shutterstock_2396331819.jpg)
