CVE-2019-20529

Published: Mar 18, 2020

Modified: Aug 5, 2024

PUBLISHED

Description

In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a link is sufficient) instead of private files.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

https://github.com/frappe/frappe/pull/8884

x_refsource_MISC

https://github.com/frappe/frappe/pull/8885

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2019-20529

Description

Affected Products

References