CVE-2025-52048
BaseFortify
Publication date: 2025-09-15
Last updated on: 2025-09-20
Assigner: MITRE
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
| Vendor | Product | Version / Range |
|---|---|---|
| frappe | frappe | From 14.0.0 (inc) to 14.96.10 (exc) |
| frappe | frappe | From 15.0.0 (inc) to 15.72.0 (exc) |
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-89 | The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a SQL injection flaw in the Frappe framework versions before 15.72.0 and 14.96.10. It occurs in the add_tag() function where the dt parameter is not properly validated, allowing an attacker to inject malicious SQL queries. This can lead to unauthorized extraction of information from the database. [1]
How can this vulnerability impact me? :
Exploitation of this vulnerability can allow an attacker to retrieve sensitive information from the database without authorization. It has a high severity with a CVSS score of 8.1, impacting confidentiality and integrity of data. The attack can be performed remotely with low complexity and does not require user interaction, potentially exposing sensitive system details and data. [1]
How can this vulnerability be detected on my network or system? Can you suggest some commands?
Detection can involve monitoring for unusual or suspicious requests to the vulnerable endpoint that uses the 'dt' parameter in the add_tag() function. Since the vulnerability is an error-based SQL injection, sending crafted payloads to the endpoint and observing error messages or unexpected responses can help identify the issue. Specific commands are not provided in the resources, but typical approaches include using tools like curl or sqlmap targeting the vulnerable parameter to test for SQL injection. [1]
What immediate steps should I take to mitigate this vulnerability?
The immediate mitigation step is to upgrade the frappe package to version 15.72.0 or 14.96.10 or later, as there are no available workarounds. This upgrade addresses the SQL injection vulnerability by properly validating parameters. [1]