CVE-2025-59415
CVE-2025-59415 affects Frappe Learning, versions 2.34.1 and earlier, where profile bio content wasn’t properly sanitized. This allows malicious SVGs to execute scripts in other users’ contexts, per multiple sources. The vulnerability arises from inadequate content sanitization in profile bios. Re...