Security Advisory

CVE-2019-20529

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2020-03-18 17:30:31
Last updated 2024-08-05 02:46:10
Assigner mitre
State PUBLISHED

Description

In core/doctype/prepared_report/prepared_report.py in Frappe 11 and 12, data files generated with Prepared Report were being stored as public files (no authentication is required to access; having a link is sufficient) instead of private files.