Frappe Lms
21 CVEs affecting Frappe Lms. Latest disclosed: 2026-05-20. Critical: 0, High: 0.
| CVE | Severity | Score | Published | Summary |
|---|---|---|---|---|
CVE-2023-42807 | Medium | 6.3 | 2023-09-21 | Frappe LMS is an open source learning management system. In versions 1.0.0 and prior, on the People Page of LMS, there was an SQL Injection vulnerability. The… |
CVE-2025-11281 | Medium | 5.0 | 2025-10-05 | A vulnerability has been found in Frappe LMS 2.35.0. The affected element is an unknown function of the file /courses/ of the component Unpublished Course Hand… |
CVE-2025-59415 | Medium | 4.6 | 2025-09-17 | Frappe Learning is a learning system that helps users structure their content. In versions 2.34.1 and below, there is a security vulnerability in Frappe Learni… |
CVE-2025-55006 | Medium | 4.3 | 2025-08-09 | Frappe Learning is a learning system that helps users structure their content. In versions 2.33.0 and below, the image upload functionality did not adequately… |
CVE-2025-11280 | Low | 3.7 | 2025-10-05 | A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation… |
CVE-2025-11283 | Low | 2.4 | 2025-10-05 | A vulnerability was determined in Frappe LMS 2.35.0. This affects an unknown function of the component Course Handler. Executing manipulation of the argument D… |
CVE-2025-11282 | Low | 2.4 | 2025-10-05 | A vulnerability was found in Frappe LMS 2.34.x/2.35.0. The impacted element is an unknown function of the component Incomplete Fix CVE-2025-55006. Performing a… |
CVE-2026-39405 | | 2026-05-20 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.50.0 and below, a user with course editing… | |
CVE-2026-39415 | | 2026-04-08 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.46.0, a vulnerability has been identified in… | |
CVE-2026-34606 | | 2026-04-02 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS… | |
CVE-2026-26977 | | 2026-02-20 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In versions 2.44.0 and below, unauthorized users are abl… | |
CVE-2026-26031 | | 2026-02-11 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.44.0, security issue was identified in Frappe… | |
CVE-2026-23497 | | 2026-01-14 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerabili… | |
CVE-2025-67734 | | 2025-12-12 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allowed authenticated attackers… | |
CVE-2025-67730 | | 2025-12-12 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to ad… | |
CVE-2025-66581 | | 2025-12-05 | Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Prior to 2.41.0, a flaw in the server-side authorization… | |
CVE-2025-64707 | | 2025-11-12 | Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a rol… | |
CVE-2025-64705 | | 2025-11-12 | Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able to access… | |
CVE-2025-62779 | | 2025-10-27 | Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to add HTML through input… | |
CVE-2025-62778 | | 2025-10-27 | Frappe Learning is a learning management system. A security issue was identified in Frappe Learning 2.39.1 and earlier, where students were able to access the… |