Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2025-56380

Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.get_value API endpoint and a crafted script to the fieldname parameter
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 4.5%
CVSS Severity
CVSS v3 Score 6.5
Products affected by CVE-2025-56380
  • Frappe » Erpnext » Version: 15.67.0
    cpe:2.3:a:frappe:erpnext:15.67.0
  • Frappe » Frappe » Version: 15.72.4
    cpe:2.3:a:frappe:frappe:15.72.4


Products
Pricing
Contact Us

Shodan ® - All rights reserved