Lucene search
K

7 matches found

Vulnrichment
Vulnrichment
added 2026/02/20 12:56 a.m.3 views

CVE-2026-26977 Frappe Learning Management System exposes details of unpublished courses to unauthorized users

Frappe Learning Management System LMS is a learning system that helps users structure their content. In versions 2.44.0 and below, unauthorized users are able to access the details of unpublished courses via API endpoints. A fix for this issue is planned for the 2.45.0 release...

6.9CVSS5.5AI score0.00289EPSS
Exploits0References1
EUVD
EUVD
added 2025/10/05 6:30 a.m.6 views

EUVD-2025-32445

A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...

5CVSS6.2AI score0.00327EPSS
Exploits1References6
Vulnrichment
Vulnrichment
added 2025/10/05 4:2 a.m.3 views

CVE-2025-11281 Frappe LMS Unpublished Course courses access control

A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...

5CVSS6.4AI score0.00327EPSS
Exploits1References5
OSV
OSV
added 2025/10/05 4:2 a.m.4 views

CVE-2025-11281 Frappe LMS Unpublished Course courses access control

A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...

2.3CVSS5.2AI score0.00327EPSS
Exploits1References7
Cvelist
Cvelist
added 2025/10/05 4:2 a.m.11 views

CVE-2025-11281 Frappe LMS Unpublished Course courses access control

A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Handler. Such manipulation leads to improper access controls. The attack may be launched remotely. This attack is characterized by high...

5CVSS0.00327EPSS
Exploits1References5
Positive Technologies
Positive Technologies
added 2025/10/05 12:0 a.m.7 views

PT-2025-40792

Name of the Vulnerable Software and Affected Versions Frappe LMS version 2.35.0 Description A flaw exists in Frappe LMS that allows for improper access controls. The issue is related to an unknown function within the /courses/ file of the Unpublished Course Handler component. The attack can be...

5CVSS4.9AI score0.00327EPSS
Exploits1References10
CNNVD
CNNVD
added 2025/10/05 12:0 a.m.4 views

Frappe Learning Management System 安全漏洞

Frappe Learning Management System is an easy-to-use open source learning management system from Frappe Open Source. A security vulnerability exists in Frappe Learning Management System version 2.35.0, which stems from improper access control of an unknown function in the file /courses/ in the...

5CVSS5.3AI score0.00327EPSS
Exploits1References5
Rows per page
Query Builder