{"vulnerability": "cve-2025-30214", "sightings": [{"uuid": "7b353d6e-5606-4096-bca4-88ad89ab516d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30214", "type": "published-proof-of-concept", "source": "https://t.me/DarkWebInformer_CVEAlerts/8689", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2025-30214\n\ud83d\udd25 CVSS Score: 8 (cvssV4_0, Vector: CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:U)\n\ud83d\udd39 Description: Frappe is a full-stack web application framework. Prior to versions 14.89.0 and 15.51.0, making crafted requests could lead to information disclosure that could further lead to account takeover. Versions 14.89.0 and 15.51.0 fix the issue. There's no workaround to fix this without upgrading.\n\ud83d\udccf Published: 2025-03-25T15:05:42.656Z\n\ud83d\udccf Modified: 2025-03-25T15:05:42.656Z\n\ud83d\udd17 References:\n1. https://github.com/frappe/frappe/security/advisories/GHSA-qrv3-jc3h-f3m6", "creation_timestamp": "2025-03-25T15:24:11.000000Z"}, {"uuid": "f9204ea4-75c2-4a31-b3ee-2aa8d4d0c41e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30214", "type": "published-proof-of-concept", "source": "Telegram/4yRTt9dy-kSa9hw9IvAX8xqiMQA60h8go96Ck2HC1in5CKw", "content": "", "creation_timestamp": "2025-03-25T17:30:48.000000Z"}, {"uuid": "8ca3263d-9446-4c88-9220-fe0f6fa43108", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30214", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3ll7xdp7xpn2j", "content": "", "creation_timestamp": "2025-03-25T18:59:52.643465Z"}, {"uuid": "0011e851-4749-4be4-b49f-eb2a1160e001", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2025-30214", "type": "seen", "source": "https://t.me/cvedetector/21101", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2025-30214 - Frappe Account Takeover Information Disclosure Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2025-30214 \nPublished : March 25, 2025, 3:15 p.m. | 46\u00a0minutes ago \nDescription : Frappe is a full-stack web application framework. Prior to versions 14.89.0 and 15.51.0, making crafted requests could lead to information disclosure that could further lead to account takeover. Versions 14.89.0 and 15.51.0 fix the issue. There's no workaround to fix this without upgrading. \nSeverity: 0.0 | NA \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"25 Mar 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-03-25T17:49:07.000000Z"}]}