8 matches found
CVE-2025-67734
Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...
CVE-2025-67734 Frappe Authenticated Users can Execute JavaScript through its Job Form
Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers to enter JavaScript through the Company Website field of the Job Form, exposing users to an XSS attack. The script could then be executed i...
CVE-2025-67734
CVE-2025-67734 affects Frappe Learning Management System (LMS) prior to version 2.42.0. The vulnerability arises from the Company Website field in the Job Form, where an authenticated attacker can inject JavaScript, leading to a cross-site scripting (XSS) attack that executes in the browsers of u...
CVE-2025-67730
Frappe Learning Management System LMS is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to add malicious HTML and JavaScript through description fields in the Job, Course and Batch forms. This issue is fixed in version 2.42.0...
CVE-2025-67730
CVE-2025-67730 affects Frappe Learning Management System (LMS). Details across sources show that versions prior to 2.42.0 allow authenticated users to inject malicious HTML and JavaScript via description fields in the Job, Course, and Batch forms, leading to cross-site scripting (XSS). The issue ...
Frappe Learning Management System θ·¨η«θζ¬ζΌζ΄
Frappe Learning Management System is an easy-to-use open source learning management system from Frappe Open Source. A cross-site scripting vulnerability exists in Frappe Learning Management System versions prior to 2.42.0, which stems from malicious HTML and JavaScript that can be injected into t...
PT-2025-50902
Name of the Vulnerable Software and Affected Versions Frappe Learning Management System LMS versions prior to 2.42.0 Description Frappe Learning Management System LMS allows authenticated users to inject malicious HTML and JavaScript code through description fields within the Job, Course, and Bat...
PT-2019-6074 Β· GnomeΒ +4 Β· Gdk-PixbufΒ +4
Name of the Vulnerable Software and Affected Versions: gdk-pixbuf versions prior to 2.42.0 Description: A flaw in gdk-pixbuf can cause an integer wraparound leading to an out of bounds write when a crafted GIF image is loaded. This may allow an attacker to crash applications or potentially execut...