VYPR
Unrated severityNVD Advisory· Published Nov 25, 2022· Updated Apr 29, 2025

CVE-2022-41712

CVE-2022-41712

Description

Frappe version 14.10.0 allows an external attacker to remotely obtain arbitrary local files. This is possible because the application does not correctly validate the information injected by the user in the import_file parameter.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Frappe/Frappellm-fuzzy2 versions
    =14.10.0+ 1 more
    • (no CPE)range: =14.10.0
    • (no CPE)range: 14.10.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.