CNNVD-202509-2924 Information

Sep 18, 2025 cve

CNNVD ID

CNNVD-202509-2924

CVE-2025-59421

CNNVD Published: 2025-09-18

Description (Chinese)

Press是Frappe开源的一个运行 Frappe Cloud 的 Frappe 自定义应用程序。 Press存在安全漏洞，该漏洞源于攻击者可重复发送邀请导致用户收件箱被淹没。

Description (English)

Press is a Frappe custom application for running Frappe Cloud. There is a security loophole in Press, which stems from the fact that the attackers can repeat the invitation, resulting in the flooding of the user ’ s inbox.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Frappe

Published

2025-09-18

Last Modified

2026-02-24

References

https://github.com/frappe/press/security/advisories/GHSA-68qm-vp8f-rpr3 https://github.com/frappe/press/commit/83c3fc7676c5dbbe1fd5092d21d95a10c7b48615 https://access.redhat.com/security/cve/cve-2025-59421

Patch

https://github.com/frappe/press/commit/83c3fc7676c5dbbe1fd5092d21d95a10c7b48615

Share on: