ERP: Document access through endpoints due to missing validation

ERP is a free and open source Enterprise Resource Planning tool. In versions up to 15.98.0 and 16.0.0-rc.1 and through 16.6.0, certain endpoints lacked access validation which allowed for unauthorized document access. This issue has been fixed in versions 15.98.1 and 16.6.1.

N/A

授权机制缺失

ERPNext 安全漏洞

ERPNext是印度ERPNext公司的一套开源的企业资源计划解决方案。 ERPNext 15.98.0及之前版本和16.0.0-rc.1版本至16.6.0版本存在安全漏洞，该漏洞源于某些端点缺少访问验证，可能导致未经授权的文档访问。

N/A

N/A