CVE-2025-53545 Information
Jul 09, 2025
cve
Description
Press a Frappe custom app that runs Frappe Cloud manages infrastructure subscription marketplace and software-as-a-service (SaaS). Users can circumvent 2FA login for users due to a lack of server side validation for the same. This vulnerability is fixed in commit ddb439f8eb1816010f2ef653a908648b71f9bba8.
Reference
https://github.com/frappe/press/commit/ddb439f8eb1816010f2ef653a908648b71f9bba8 https://github.com/frappe/press/security/advisories/GHSA-fwfh-vhjg-45q4
Related CNNVD
CNNVD-202507-1018 (Published: 2025-07-08)
Share on: