Frappe Framework 12 and 13 does not properly validate the HTTP method for the frappe.client API.
CVSS Score
5.3
EPSS Score
0.009
Published
2020-12-11
In two-factor authentication, the system also sending 2fa secret key in response, which enables an intruder to breach the 2fa security.
CVSS Score
7.5
EPSS Score
0.013
Published
2020-12-11
Page 4