Frappe LMS is an open source learning management system. In versions 1.0.0 and prior, on the People Page of LMS, there was an SQL Injection vulnerability. The issue has been fixed in the `main` branch. Users won't face this issue if they are using the latest main branch of the app.
Metrics
Affected Vendors & Products
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 03 Oct 2025 17:45:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Frappe learning
|
|
CPEs | cpe:2.3:a:frappe:learning:*:*:*:*:*:*:*:* | |
Vendors & Products |
Frappe frappe Lms
|
Frappe learning
|
Tue, 24 Sep 2024 15:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|

Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2024-09-24T14:50:49.075Z
Reserved: 2023-09-14T16:13:33.307Z
Link: CVE-2023-42807

Updated: 2024-08-02T19:30:24.171Z

Status : Modified
Published: 2023-09-21T17:15:23.950
Modified: 2025-10-03T17:36:07.843
Link: CVE-2023-42807

No data.

No data.