Frappe: >> Learning >> 2.38.0 Security Vulnerabilities
Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, when admins revoked a role from the user, the effect was not immediate because of caching. The issue has been fixed in version 2.41.0 by ensuring the cache is cleared after roles are updated.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-11-12
Frappe Learning is a learning system that helps users structure their content. Starting in version 2.0.0 and prior to version 2.41.0, users were able to access the submissions made by other students The issue has been fixed in version 2.41.0 by ensuring proper roles and redirecting if accessed via direct URL.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-11-12
Frappe Learning is a learning system that helps users structure their content. In Frappe Learning 2.39.1 and earlier, users were able to add HTML through input fields in the Job Form.
CVSS Score
5.4
EPSS Score
0.0
Published
2025-10-27
Frappe Learning is a learning management system. A security issue was identified in Frappe Learning 2.39.1 and earlier, where students were able to access the Quiz Form if they had the URL.
CVSS Score
5.3
EPSS Score
0.0
Published
2025-10-27