frappe Summary
Latest vulnerabilities published by frappe
Vulnerability Published:
ποΈ Published
- Anytime
Sort By:
ποΈ Published Date
- Descending
Access Vulnerability in Frappe Framework Affects User Password Security
CVE-2025-52898FrappeFrappe8.7HIGHCross-Site Scripting Vulnerability in Frappe Framework
CVE-2025-52896FrappeFrappe8.6HIGHSQL Injection Vulnerability in Frappe Web Application Framework
CVE-2025-52895FrappeFrappe8.7HIGHCSRF Vulnerability in ERPNEXT Product by Frappe
CVE-2025-28062FrappeERPNEXT8.1HIGHSQL Injection Vulnerability in Frappe Framework Affecting Multiple Versions
CVE-2025-30217FrappeFrappe6.6MEDIUMInformation Disclosure Vulnerability in Frappe Framework by Frappe Technologies
CVE-2025-30214FrappeFrappe8HIGHRemote Code Execution Vulnerability in Frappe Framework
CVE-2025-30213FrappeFrappe6.3MEDIUMSQL Injection Vulnerability in Frappe Framework Affecting Versions Prior to 14.89.0 and 15.51.0
CVE-2025-30212FrappeFrappe6.6MEDIUMFrappe Press Bug Allows Bypass of 2FA Authentication
CVE-2024-50356FrappePressHTML Injection Vulnerability in Frappe Custom App for Frappe Cloud
CVE-2024-49751FrappeFrappe Custom App (Press)Frappe fixes vulnerability in login page redirect
CVE-2024-34074FrappeFrappe6.1MEDIUMSQL Injection Vulnerability Affects Frappe Users
CVE-2024-24813FrappeFrappe7.5HIGHPatch Released for File Permission Bypass Vulnerability in Frappe Web Application Framework
CVE-2024-27105FrappeFrappe8.1HIGHFrappe patches XSS vulnerability in portal pages
CVE-2024-24812frappefrappe5.4MEDIUMFrappe vulnerable to HTML injection by any Desk user
CVE-2023-46127FrappeFrappeEPSS 23%5.4MEDIUMCross-site Scripting (XSS) - Generic in frappe/lms
CVE-2023-5555frappefrappe/lms6.1MEDIUMFrappe LMS SQL Injection Issue on People Page
CVE-2023-42807FrappeLms6.3MEDIUMPossibility limited SQL injection due to insufficient validation in Frappe
CVE-2023-41328FrappeFrappe4.2MEDIUMRemote File Exposure in Frappe Framework by Frappe Technologies
CVE-2022-41712FrappeFrappe6.5MEDIUMCross-Site Scripting Vulnerability in Frappe ERPNext by Frappe Technologies
CVE-2022-28598FrappeErpnextπΎπ‘6.1MEDIUMERPNext - Stored XSS in My Profile
CVE-2022-23057FrappeFrappe5.4MEDIUMERPNext - Stored XSS in My Settings
CVE-2022-23058FrappeFrappeERPNext - Improper user access conrol
CVE-2022-23055FrappeFrappeImproper HTTP Method Validation in Frappe Framework by Frappe
CVE-2020-35175FrappeFrappe5.3MEDIUMTwo-Factor Authentication Vulnerability in Frappe Framework
CVE-2020-27508FrappeFrappe7.5HIGH