← Zuruck zu CVEs
CVE-2025-64705
MEDIUM4.3
Beschreibung
Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able to access the submissions made by other students The issue has been fixed in version 2.41.0 by ensuring proper roles and redirecting if accessed via direct URL.
CVE Details
CVSS v3.1 Bewertung4.3
SchweregradMEDIUM
CVSS VektorCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N
AngriffsvektorNETWORK
KomplexitatLOW
Erforderliche PrivilegienLOW
BenutzerinteraktionNONE
Veroffentlicht11/12/2025
Zuletzt geandert11/17/2025
Quellenvd
Honeypot-Sichtungen0
Betroffene Produkte
frappe:learning
Schwachen (CWE)
CWE-200
Referenzen
https://github.com/frappe/lms/security/advisories/GHSA-qrvv-6g7r-g3v8(security-advisories@github.com)
IOC Korrelationen
Keine Korrelationen erfasst
This product uses data from the NVD API but is not endorsed or certified by the NVD.