Frappe is a full-stack web application framework. Prior to 16.16.0 and 15.106.0, user enumeration could be performed via the reset_password endpoint. This issue is fixed in versions 16.16.0 and 15.106.0.
Get an AI-powered plain-language explanation of this vulnerability and remediation steps.
Login to generate AI explanation7 reference(s) from NVD