Vulnerabilities (CVE)

Filtered by vendor Frappe
Total 130 CVE
CVE | Vendors (count, name) | Products (count, names) | Updated | CVSS v2 | CVSS v3
CVE-2025-66581 1 Frappe 1 Learning 2025-12-11 N/A 6.5 MEDIUM
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.41.0, a flaw in the server-side authorization logic allowed authenticated users to perform actions beyond their assigned roles across multiple features. Because the affected endpoints relied on client-side or UI-level checks instead of enforcing permissions on the server, users with low-privileged roles (such as students) could perform operations intended only for instructors or administrators by calling the APIs directly. This vulnerability is fixed in 2.41.0.
CVE-2025-65267 1 Frappe 2 Erpnext, Frappe 2025-12-05 N/A 9.0 CRITICAL
In ERPNext v15.83.2 and Frappe Framework v15.86.0, improper validation of uploaded SVG avatar images allows attackers to embed malicious JavaScript. The payload executes when an administrator clicks the image link to view the avatar, resulting in stored cross-site scripting (XSS). Successful exploitation may lead to account takeover, privilege escalation, or full compromise of the affected ERPNext instance.
CVE-2025-66205 1 Frappe 1 Frappe 2025-12-04 N/A 7.1 HIGH
Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, a certain endpoint was vulnerable to error-based SQL injection due to lack of validation of parameters. Some information like version could be retrieved. This vulnerability is fixed in 15.86.0 and 14.99.2.
CVE-2025-66206 1 Frappe 1 Frappe 2025-12-04 N/A 6.8 MEDIUM
Frappe is a full-stack web application framework. Prior to 15.86.0 and 14.99.2, certain requests were vulnerable to path traversal attacks, wherein some files from the server could be retrieved if the full path was known. Sites hosted on Frappe Cloud, and other setups behind a reverse proxy such as NGINX, are unaffected. This mainly affects deployments that serve werkzeug/gunicorn directly. In those cases, either an upgrade or changing the setup to use a reverse proxy is recommended. This vulnerability is fixed in 15.86.0 and 14.99.2.
CVE-2025-64705 1 Frappe 1 Learning 2025-11-17 N/A 4.3 MEDIUM
Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able to access the submissions made by other students. The issue has been fixed in version 2.41.0 by ensuring proper roles and redirecting if accessed via direct URL.
CVE-2025-64707 1 Frappe 1 Learning 2025-11-17 N/A 5.4 MEDIUM
Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is cleared after roles are updated.
CVE-2025-62778 1 Frappe 1 Learning 2025-11-03 N/A 5.3 MEDIUM
Frappe Learning is a learning management system. A security issue was identified in Frappe Learning 2.39.1 and earlier, where students were able to access the Quiz Form if they had the URL.
CVE-2025-62779 1 Frappe 1 Learning 2025-11-03 N/A 5.4 MEDIUM
Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to add HTML through input fields in the Job Form.
CVE-2025-58439 1 Frappe 1 Erpnext 2025-10-27 N/A 8.1 HIGH
ERPNext is a free and open source Enterprise Resource Planning tool. In versions below 14.89.2 and 15.0.0 through 15.75.1, lack of validation of parameters left certain endpoints vulnerable to error-based SQL injection. Some information like version could be retrieved. This issue is fixed in versions 14.89.2 and 15.76.0.
CVE-2025-62407 1 Frappe 1 Frappe 2025-10-23 N/A 6.1 MEDIUM
Frappe is a full-stack web application framework. Prior to 14.98.0 and 15.83.0, an open redirect was possible through the redirect argument on the login page, if a specific type of URL was passed in. This vulnerability is fixed in 14.98.0 and 15.83.0.
CVE-2025-62158 1 Frappe 1 Learning 2025-10-20 N/A 5.3 MEDIUM
Frappe Learning is a learning system that helps users structure their content. In versions prior to 2.38.0, the system stored the attachments uploaded by students in their assignments as public files. This potentially exposed student-uploaded files to the public: anyone with the file URL could access these files without authentication. The issue has been fixed in version 2.38.0 by ensuring all student-uploaded assignment attachments are stored as private files by default.
CVE-2025-59415 1 Frappe 1 Learning 2025-10-08 N/A 4.6 MEDIUM
Frappe Learning is a learning system that helps users structure their content. In versions 2.34.1 and below, Frappe Learning did not adequately sanitize the content uploaded in the profile bio. Malicious SVG files could be used to execute arbitrary scripts in the context of other users.
CVE-2025-55006 1 Frappe 1 Learning 2025-10-06 N/A 4.3 MEDIUM
Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately sanitize uploaded SVG files. This allowed users to upload SVG files containing embedded JavaScript or other potentially malicious content. Malicious SVG files could be used to execute arbitrary scripts in the context of other users. A fix for this issue is planned for version 2.34.0.
CVE-2025-56379 1 Frappe 2 Erpnext, Frappe 2025-10-03 N/A 5.4 MEDIUM
A stored cross-site scripting (XSS) vulnerability in the blog post feature of ERPNext v15.67.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the content field.
CVE-2023-5555 1 Frappe 1 Learning 2025-10-03 N/A 6.1 MEDIUM
Cross-site Scripting (XSS) - Generic in GitHub repository frappe/lms prior to 5614a6203fb7d438be8e2b1e3030e4528d170ec4.
CVE-2023-42807 1 Frappe 1 Learning 2025-10-03 N/A 6.3 MEDIUM
Frappe LMS is an open source learning management system. In versions 1.0.0 and prior, on the People Page of LMS, there was an SQL Injection vulnerability. The issue has been fixed in the `main` branch. Users won't face this issue if they are using the latest main branch of the app.
CVE-2025-52043 1 Frappe 1 Erpnext 2025-10-03 N/A 6.5 MEDIUM
In Frappe ERPNext v15.57.5, the function import_coa() at erpnext/accounts/doctype/chart_of_accounts_importer/chart_of_accounts_importer.py is vulnerable to SQL injection, which allows an attacker to extract all information from databases by injecting a SQL query into the company parameter.
CVE-2025-52047 1 Frappe 1 Erpnext 2025-10-03 N/A 6.5 MEDIUM
In Frappe ErpNext v15.57.5, the function get_income_account() at erpnext/controllers/queries.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the filters.disabled parameter.
CVE-2025-52049 1 Frappe 1 Erpnext 2025-10-03 N/A 6.5 MEDIUM
In Frappe ERPNext v15.57.5, the function get_timesheet_detail_rate() at erpnext/projects/doctype/timesheet/timesheet.py is vulnerable to SQL injection, which allows an attacker to extract all information from databases by injecting a SQL query into the timelog parameter.
CVE-2025-52050 1 Frappe 1 Erpnext 2025-10-03 N/A 6.5 MEDIUM
In Frappe ERPNext 15.57.5, the function get_loyalty_program_details_with_points() at erpnext/accounts/doctype/loyalty_program/loyalty_program.py is vulnerable to SQL Injection, which allows an attacker to extract all information from databases by injecting a SQL query into the expiry_date parameter.