GHSA-P9HG-WRMV-V8CP Jenkins LoadNinja Plugin does not mask LoadNinja API keys displayed on the job configuration form

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

CVE-2026-33004

Jenkins LoadNinja Plugin 2.1 and earlier does not mask LoadNinja API keys displayed on the job configuration form, increasing the potential for attackers to observe and capture them...

CVE-2025-67734

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

CVE-2025-67734

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

CVE-2025-67734 Frappe Authenticated Users can Execute JavaScript through its Job Form

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

EUVD-2025-203120

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

CVE-2025-67734 Frappe Authenticated Users can Execute JavaScript through its Job Form

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

CVE-2025-67734

CVE-2025-67734 affects Frappe Learning Management System (LMS) prior to version 2.42.0. The vulnerability arises from the Company Website field in the Job Form, where an authenticated attacker can inject JavaScript, leading to a cross-site scripting (XSS) attack that executes in the browsers of u...

CVE-2025-67734 Frappe Authenticated Users can Execute JavaScript through its Job Form

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...

CVE-2025-67730

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to add malicious HTML and JavaScript through description fields in the Job, Course and Batch forms. This issue is fixed in version 2.42.0...

EUVD-2025-203048

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to add malicious HTML and JavaScript through description fields in the Job, Course and Batch forms. This issue is fixed in version 2.42.0...

CVE-2025-67730 Frappe authenticated users can execute XSS through form description fields

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to add malicious HTML and JavaScript through description fields in the Job, Course and Batch forms. This issue is fixed in version 2.42.0...

CVE-2025-67730 Frappe authenticated users can execute XSS through form description fields

Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to add malicious HTML and JavaScript through description fields in the Job, Course and Batch forms. This issue is fixed in version 2.42.0...

Frappe Learning Management System 跨站脚本漏洞

Frappe Learning Management System is an easy-to-use open source learning management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe Learning Management System versions prior to 2.42.0, which stems from the Company Website field in a Job Form that can be...

PT-2025-50968

Name of the Vulnerable Software and Affected Versions Frappe Learning Management System LMS versions prior to 2.42.0 Description Frappe Learning Management System LMS allows authenticated attackers to inject JavaScript code through the Company Website field within the Job Form. This can lead to a...

PT-2025-50902

Name of the Vulnerable Software and Affected Versions Frappe Learning Management System LMS versions prior to 2.42.0 Description Frappe Learning Management System LMS allows authenticated users to inject malicious HTML and JavaScript code through description fields within the Job, Course, and Bat...

Frappe Learning Management System 跨站脚本漏洞

Frappe Learning Management System is an easy-to-use open source learning management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe Learning Management System versions prior to 2.42.0, which stems from malicious HTML and JavaScript that can be injected into t...

CVE-2025-62779

Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to add HTML through input fields in the Job Form...

CVE-2025-62779

Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to add HTML through input fields in the Job Form...

CVE-2025-62779 Frappe Learning users were able to add HTML through input fields in the Job Form

Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to add HTML through input fields in the Job Form...