Security: frappe/frappe
Security Advisories
View information about security vulnerabilities from this repository's maintainers.
-
Possibility of RCE due to SSTIGHSA-qq98-vfv9-xmxh published
Dec 29, 2025 by akhilnarangCritical -
Authenticated XSS via leaderboardGHSA-cx24-w5gm-5vv9 published
Dec 24, 2025 by akhilnarangModerate -
Path traversal allowed reading certain filesGHSA-xj39-3g4p-f46v published
Jan 5, 2026 by akhilnarangHigh -
Possibility of SQL Injection due to improper validationsGHSA-mp93-8vxr-hqq9 published
Dec 1, 2025 by akhilnarangHigh -
Path traversal allowed reading certain filesGHSA-v4wg-gqfr-rpjm published
Dec 1, 2025 by akhilnarangModerate -
Open Redirect on Login PageGHSA-j9jr-qrpj-g855 published
Oct 16, 2025 by akhilnarangModerate -
Possible LDAP injection due to unsanitised inputsGHSA-qrq5-v93p-8xhw published
Oct 24, 2025 by akhilnarangModerate -
Possibility of SQL injection due to missing validationGHSA-mggw-6xqj-rphj published
Sep 4, 2025 by akhilnarangHigh -
Possibility of SQL Injection due to improper validationsGHSA-6rpr-2hjx-w9vp published
Aug 20, 2025 by akhilnarangHigh -
Possibility of Authenticated SQL Injection due to improper validationsGHSA-5p8f-568f-vfq2 published
Aug 20, 2025 by akhilnarangHigh