Posted by Stefan Pietsch on May 11
# Trovent Security Advisory 2103-01 #
#####################################
Authenticated SQL injection in ERPNext 13.0.0/12.18.0
#####################################################
Overview
########
Advisory ID: TRSA-2103-01
Advisory version: 1.0
Advisory status: Public
Advisory URL: https://trovent.io/security-advisory-2103-01
Affected product: ERPNext
Tested versions: 12.18.0 and 13.0.0 beta
Vendor: Frappé Technologies https://frappe.io…
– Read More – Full Disclosure