CMS
frappe/frappe
Low code web framework for real world applications, in Python and Javascript
#frappe #erpnext #python #javascript #web-framework #full-stack #email #multitenant #rest-api #webhooks #socket-io #security #postgres #mariadb #low-code #cms
Score: 70 / 100
Star: 10,096
Fork: 4,951
Open Issue: 2,216
Size: 681MB
Language: Python ★
Last push: 0 days ago
Docker: —
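Scoring breakdown
Past CVEs: 18 (somewhat high)
✓ Most recent push: 0 days ago
✓ Proficient language (Python)
✓ Open issues: 2,216
✓ Very large (0.7GB)
— No Docker support
— 10k–50k: intermediate (★10,096)
— Note: see the "Scoring rules" for the weight of each item. The total is floored at 0.
Past Security Advisories (20)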
- Arbitrary File Read via Path Traversal
- Unrestricted Doctype access via API exploit
- Possibility of SQL injection in bulk_update
- Workspace modification and stored XSS due to improper resource ownership checks
- Possible SSRF by any authenticated user
- Possibility of SQL Injection due to improper field sanitization
- Possibility of SQL Injection due to improper fieldname sanitization
- Broken Access Control in DocShare
- Stored XSS in avatar_macro.html
- XSS and Open Redirect in Sign Up
- Path traversal allowed reading certain files
- Possibility of RCE due to SSTI
- Authenticated XSS via leaderboard
- Path traversal allowed reading certain files
- Possibility of SQL Injection due to improper validations
- Possible LDAP injection due to unsanitised inputs
- Open Redirect on Login Page
- Possibility of SQL injection due to missing validation
- Possibility of SQL Injection due to improper validations
- Possibility of Authenticated SQL Injection due to improper validations