Shodan
Vulnerabilities
Vulnerable Software

Vulnerability Details CVE-2026-23497

Frappe Learning Management System (LMS) is a learning system that helps users structure their content. In 2.44.0 and earlier, there is a stored XSS vulnerability where a specially crafted image filename could execute malicious JavaScript when rendered on course or jobs pages.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 14.8%
CVSS Severity
CVSS v3 Score 5.4
Products affected by CVE-2026-23497
  • Frappe » Learning » Version: 2.0.0
    cpe:2.3:a:frappe:learning:2.0.0
  • Frappe » Learning » Version: 2.0.1
    cpe:2.3:a:frappe:learning:2.0.1
  • Frappe » Learning » Version: 2.0.2
    cpe:2.3:a:frappe:learning:2.0.2
  • Frappe » Learning » Version: 2.0.3
    cpe:2.3:a:frappe:learning:2.0.3
  • Frappe » Learning » Version: 2.1.0
    cpe:2.3:a:frappe:learning:2.1.0
  • Frappe » Learning » Version: 2.10.0
    cpe:2.3:a:frappe:learning:2.10.0
  • Frappe » Learning » Version: 2.11.0
    cpe:2.3:a:frappe:learning:2.11.0
  • Frappe » Learning » Version: 2.12.0
    cpe:2.3:a:frappe:learning:2.12.0
  • Frappe » Learning » Version: 2.13.0
    cpe:2.3:a:frappe:learning:2.13.0
  • Frappe » Learning » Version: 2.14.0
    cpe:2.3:a:frappe:learning:2.14.0
  • Frappe » Learning » Version: 2.15.0
    cpe:2.3:a:frappe:learning:2.15.0
  • Frappe » Learning » Version: 2.16.0
    cpe:2.3:a:frappe:learning:2.16.0
  • Frappe » Learning » Version: 2.17.0
    cpe:2.3:a:frappe:learning:2.17.0
  • Frappe » Learning » Version: 2.18.0
    cpe:2.3:a:frappe:learning:2.18.0
  • Frappe » Learning » Version: 2.19.0
    cpe:2.3:a:frappe:learning:2.19.0
  • Frappe » Learning » Version: 2.2.0
    cpe:2.3:a:frappe:learning:2.2.0
  • Frappe » Learning » Version: 2.20.0
    cpe:2.3:a:frappe:learning:2.20.0
  • Frappe » Learning » Version: 2.21.0
    cpe:2.3:a:frappe:learning:2.21.0
  • Frappe » Learning » Version: 2.22.0
    cpe:2.3:a:frappe:learning:2.22.0
  • Frappe » Learning » Version: 2.23.0
    cpe:2.3:a:frappe:learning:2.23.0
  • Frappe » Learning » Version: 2.24.0
    cpe:2.3:a:frappe:learning:2.24.0
  • Frappe » Learning » Version: 2.25.0
    cpe:2.3:a:frappe:learning:2.25.0
  • Frappe » Learning » Version: 2.26.0
    cpe:2.3:a:frappe:learning:2.26.0
  • Frappe » Learning » Version: 2.27.0
    cpe:2.3:a:frappe:learning:2.27.0
  • Frappe » Learning » Version: 2.28.0
    cpe:2.3:a:frappe:learning:2.28.0
  • Frappe » Learning » Version: 2.28.1
    cpe:2.3:a:frappe:learning:2.28.1
  • Frappe » Learning » Version: 2.29.0
    cpe:2.3:a:frappe:learning:2.29.0
  • Frappe » Learning » Version: 2.3.0
    cpe:2.3:a:frappe:learning:2.3.0
  • Frappe » Learning » Version: 2.30.0
    cpe:2.3:a:frappe:learning:2.30.0
  • Frappe » Learning » Version: 2.31.0
    cpe:2.3:a:frappe:learning:2.31.0
  • Frappe » Learning » Version: 2.32.0
    cpe:2.3:a:frappe:learning:2.32.0
  • Frappe » Learning » Version: 2.32.1
    cpe:2.3:a:frappe:learning:2.32.1
  • Frappe » Learning » Version: 2.32.2
    cpe:2.3:a:frappe:learning:2.32.2
  • Frappe » Learning » Version: 2.33.0
    cpe:2.3:a:frappe:learning:2.33.0
  • Frappe » Learning » Version: 2.34.0
    cpe:2.3:a:frappe:learning:2.34.0
  • Frappe » Learning » Version: 2.34.1
    cpe:2.3:a:frappe:learning:2.34.1
  • Frappe » Learning » Version: 2.35.0
    cpe:2.3:a:frappe:learning:2.35.0
  • Frappe » Learning » Version: 2.36.0
    cpe:2.3:a:frappe:learning:2.36.0
  • Frappe » Learning » Version: 2.37.0
    cpe:2.3:a:frappe:learning:2.37.0
  • Frappe » Learning » Version: 2.38.0
    cpe:2.3:a:frappe:learning:2.38.0
  • Frappe » Learning » Version: 2.39.0
    cpe:2.3:a:frappe:learning:2.39.0
  • Frappe » Learning » Version: 2.39.1
    cpe:2.3:a:frappe:learning:2.39.1
  • Frappe » Learning » Version: 2.39.2
    cpe:2.3:a:frappe:learning:2.39.2
  • Frappe » Learning » Version: 2.4.0
    cpe:2.3:a:frappe:learning:2.4.0
  • Frappe » Learning » Version: 2.40.0
    cpe:2.3:a:frappe:learning:2.40.0
  • Frappe » Learning » Version: 2.41.0
    cpe:2.3:a:frappe:learning:2.41.0
  • Frappe » Learning » Version: 2.43.0
    cpe:2.3:a:frappe:learning:2.43.0
  • Frappe » Learning » Version: 2.5.0
    cpe:2.3:a:frappe:learning:2.5.0
  • Frappe » Learning » Version: 2.6.0
    cpe:2.3:a:frappe:learning:2.6.0
  • Frappe » Learning » Version: 2.7.0
    cpe:2.3:a:frappe:learning:2.7.0
  • Frappe » Learning » Version: 2.8.0
    cpe:2.3:a:frappe:learning:2.8.0
  • Frappe » Learning » Version: 2.9.0
    cpe:2.3:a:frappe:learning:2.9.0


Products
Pricing
Contact Us

Shodan ® - All rights reserved