Frappe LMS is an open source learning management system. In versions 1.0.0 and prior, on the People Page of LMS, there was an SQL Injection vulnerability. The issue has been fixed in the `main` branch. Users won't face this issue if they are using the latest main branch of the app.
Metrics
Affected Vendors & Products
Advisories
| Source | ID | Title |
|---|---|---|
EUVD |
EUVD-2023-47233 | Frappe LMS is an open source learning management system. In versions 1.0.0 and prior, on the People Page of LMS, there was an SQL Injection vulnerability. The issue has been fixed in the `main` branch. Users won't face this issue if they are using the latest main branch of the app. |
Fixes
Solution
No solution given by the vendor.
Workaround
No workaround given by the vendor.
References
History
Fri, 03 Oct 2025 17:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared |
Frappe learning
|
|
| CPEs | cpe:2.3:a:frappe:learning:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Frappe frappe Lms
|
Frappe learning
|
Tue, 24 Sep 2024 15:30:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Metrics |
ssvc
|
Status: PUBLISHED
Assigner: GitHub_M
Published:
Updated: 2024-09-24T14:50:49.075Z
Reserved: 2023-09-14T16:13:33.307Z
Link: CVE-2023-42807
Updated: 2024-08-02T19:30:24.171Z
Status : Modified
Published: 2023-09-21T17:15:23.950
Modified: 2025-10-03T17:36:07.843
Link: CVE-2023-42807
No data.
OpenCVE Enrichment
No data.
EUVD