{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-52898", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-06-20T17:42:25.710Z", "datePublished": "2025-06-30T17:19:31.543Z", "dateUpdated": "2025-06-30T18:01:16.717Z"}, "containers": {"cna": {"title": "Frappe account takeover via password reset token leakage", "problemTypes": [{"descriptions": [{"cweId": "CWE-200", "lang": "en", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "PASSIVE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.7, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0"}}], "references": [{"name": "https://github.com/frappe/frappe/security/advisories/GHSA-p284-r7rh-wq7j", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/frappe/frappe/security/advisories/GHSA-p284-r7rh-wq7j"}, {"name": "https://github.com/frappe/frappe/pull/31522", "tags": ["x_refsource_MISC"], "url": "https://github.com/frappe/frappe/pull/31522"}, {"name": "https://github.com/frappe/frappe/commit/52e31337a6c964189c8b883a2f7bc3a28ab374f2", "tags": ["x_refsource_MISC"], "url": "https://github.com/frappe/frappe/commit/52e31337a6c964189c8b883a2f7bc3a28ab374f2"}, {"name": "https://github.com/frappe/frappe/commit/5b4849b1ab5fd796b306312745b4e202b0e90d66", "tags": ["x_refsource_MISC"], "url": "https://github.com/frappe/frappe/commit/5b4849b1ab5fd796b306312745b4e202b0e90d66"}], "affected": [{"vendor": "frappe", "product": "frappe", "versions": [{"version": "< 15.58.0", "status": "affected"}, {"version": "< 14.94.3", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-30T17:19:31.543Z"}, "descriptions": [{"lang": "en", "value": "Frappe is a full-stack web application framework. Prior to versions 14.94.3 and 15.58.0, a carefully crafted request could lead to a malicious actor getting access to a user's password reset token. This can only be exploited on self hosted instances configured in a certain way. Frappe Cloud users are safe. This issue has been patched in versions 14.94.3 and 15.58.0. Workarounds for this issue involve verifying password reset URLs before clicking on them or upgrading for self hosted users."}], "source": {"advisory": "GHSA-p284-r7rh-wq7j", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-06-30T18:01:08.276711Z", "id": "CVE-2025-52898", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-30T18:01:16.717Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-52898", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-06-30T18:01:08.276711Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-06-30T18:01:10.878Z"}}], "cna": {"title": "Frappe account takeover via password reset token leakage", "source": {"advisory": "GHSA-p284-r7rh-wq7j", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.7, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "frappe", "product": "frappe", "versions": [{"status": "affected", "version": "< 15.58.0"}, {"status": "affected", "version": "< 14.94.3"}]}], "references": [{"url": "https://github.com/frappe/frappe/security/advisories/GHSA-p284-r7rh-wq7j", "name": "https://github.com/frappe/frappe/security/advisories/GHSA-p284-r7rh-wq7j", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/frappe/frappe/pull/31522", "name": "https://github.com/frappe/frappe/pull/31522", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/frappe/frappe/commit/52e31337a6c964189c8b883a2f7bc3a28ab374f2", "name": "https://github.com/frappe/frappe/commit/52e31337a6c964189c8b883a2f7bc3a28ab374f2", "tags": ["x_refsource_MISC"]}, {"url": "https://github.com/frappe/frappe/commit/5b4849b1ab5fd796b306312745b4e202b0e90d66", "name": "https://github.com/frappe/frappe/commit/5b4849b1ab5fd796b306312745b4e202b0e90d66", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "Frappe is a full-stack web application framework. Prior to versions 14.94.3 and 15.58.0, a carefully crafted request could lead to a malicious actor getting access to a user's password reset token. This can only be exploited on self hosted instances configured in a certain way. Frappe Cloud users are safe. This issue has been patched in versions 14.94.3 and 15.58.0. Workarounds for this issue involve verifying password reset URLs before clicking on them or upgrading for self hosted users."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-06-30T17:19:31.543Z"}}}, "cveMetadata": {"cveId": "CVE-2025-52898", "state": "PUBLISHED", "dateUpdated": "2025-06-30T18:01:16.717Z", "dateReserved": "2025-06-20T17:42:25.710Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-06-30T17:19:31.543Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:frappe:frappe:*:*:*:*:*:*:*:*", "matchCriteriaId": "C1A94A0B-B5E4-4F08-8817-7BC2C61922AB", "versionEndExcluding": "14.94.3", "vulnerable": true}, {"criteria": "cpe:2.3:a:frappe:frappe:*:*:*:*:*:*:*:*", "matchCriteriaId": "AD95653C-461E-44CD-A6D6-918E52A0A895", "versionEndExcluding": "15.58.0", "versionStartIncluding": "15.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Frappe is a full-stack web application framework. Prior to versions 14.94.3 and 15.58.0, a carefully crafted request could lead to a malicious actor getting access to a user's password reset token. This can only be exploited on self hosted instances configured in a certain way. Frappe Cloud users are safe. This issue has been patched in versions 14.94.3 and 15.58.0. Workarounds for this issue involve verifying password reset URLs before clicking on them or upgrading for self hosted users."}, {"lang": "es", "value": "Frappe es un framework de aplicaciones web integral. Antes de las versiones 14.94.3 y 15.58.0, una solicitud cuidadosamente manipulada pod\u00eda permitir que un atacante malicioso accediera al token de restablecimiento de contrase\u00f1a de un usuario. Esto solo se puede explotar en instancias alojadas en servidores propios con una configuraci\u00f3n espec\u00edfica. Los usuarios de Frappe Cloud est\u00e1n seguros. Este problema se ha corregido en las versiones 14.94.3 y 15.58.0. Las soluciones alternativas incluyen verificar las URL de restablecimiento de contrase\u00f1a antes de acceder a ellas o actualizar la versi\u00f3n para usuarios alojados en servidores propios."}], "id": "CVE-2025-52898", "lastModified": "2025-07-08T14:43:50.023", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "PASSIVE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-06-30T18:15:25.773", "references": [{"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/frappe/frappe/commit/52e31337a6c964189c8b883a2f7bc3a28ab374f2"}, {"source": "[email protected]", "tags": ["Patch"], "url": "https://github.com/frappe/frappe/commit/5b4849b1ab5fd796b306312745b4e202b0e90d66"}, {"source": "[email protected]", "tags": ["Issue Tracking"], "url": "https://github.com/frappe/frappe/pull/31522"}, {"source": "[email protected]", "tags": ["Vendor Advisory"], "url": "https://github.com/frappe/frappe/security/advisories/GHSA-p284-r7rh-wq7j"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-200"}], "source": "[email protected]", "type": "Primary"}]}

{}