Frappe

Learning

19 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2026-26977

  • EPSS 0.01%
  • Veröffentlicht 20.02.2026 00:56:42
  • Zuletzt bearbeitet 20.02.2026 16:33:11

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.44.0 and below, unauthorized users are able to access the details of unpublished courses via API endpoints. A fix for this issue is p...

5.3

CVE-2026-26031

  • EPSS 0.03%
  • Veröffentlicht 11.02.2026 21:32:15
  • Zuletzt bearbeitet 12.02.2026 17:11:21

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.44.0, security issue was identified in Frappe Learning, where unauthorised users were able to access the full list of enrolled students ...

5.4

CVE-2026-23497

  • EPSS 0.03%
  • Veröffentlicht 14.01.2026 18:25:52
  • Zuletzt bearbeitet 16.01.2026 18:44:56

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendere...

5.4

CVE-2025-67734

  • EPSS 0.04%
  • Veröffentlicht 12.12.2025 19:48:58
  • Zuletzt bearbeitet 16.12.2025 21:34:55

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to a...

5.4

CVE-2025-67730

  • EPSS 0.04%
  • Veröffentlicht 12.12.2025 07:23:54
  • Zuletzt bearbeitet 15.12.2025 17:27:21

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to add malicious HTML and JavaScript through description fields in the Job, Course and Batch for...

6.5

CVE-2025-66581

  • EPSS 0.03%
  • Veröffentlicht 05.12.2025 18:26:20
  • Zuletzt bearbeitet 11.12.2025 00:08:39

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.41.0, a flaw in the server-side authorization logic allowed authenticated users to perform actions beyond their assigned roles across mu...

5.4

CVE-2025-64707

  • EPSS 0.04%
  • Veröffentlicht 12.11.2025 22:27:54
  • Zuletzt bearbeitet 17.11.2025 19:20:49

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed ...

4.3

CVE-2025-64705

  • EPSS 0.04%
  • Veröffentlicht 12.11.2025 22:25:49
  • Zuletzt bearbeitet 17.11.2025 19:21:31

Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able to access the submissions made by other students The issue has been fixed in version 2.41.0 by ensur...

5.4

CVE-2025-62779

  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 21:19:03
  • Zuletzt bearbeitet 03.11.2025 18:38:26

Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to add HTML through input fields in the Job Form.

5.3

CVE-2025-62778

  • EPSS 0.05%
  • Veröffentlicht 27.10.2025 21:16:06
  • Zuletzt bearbeitet 03.11.2025 18:40:23

Frappe Learning is a learning management system. A security issue was identified in Frappe Learning 2.39.1 and earlier, where students were able to access the Quiz Form if they had the URL.