CVE-2025-67730
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-12-12

Last updated on: 2025-12-15

Assigner: GitHub, Inc.

Description
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. Versions prior to 2.42.0 allow authenticated users to add malicious HTML and JavaScript through description fields in the Job, Course and Batch forms. This issue is fixed in version 2.42.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-12-12
Last Modified
2025-12-15
Generated
2026-06-16
AI Q&A
2025-12-12
EPSS Evaluated
2026-06-15
NVD
CVE-2025-67730
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
frappe learning From 2.0.0 (inc) to 2.42.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-79 The product does not neutralize or incorrectly neutralizes user-controllable input before it is placed in output that is used as a web page that is served to other users.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability in Frappe Learning Management System (LMS) versions prior to 2.42.0 allows authenticated users to inject malicious HTML and JavaScript code through the description fields in the Job, Course, and Batch forms. This can lead to cross-site scripting (XSS) attacks.

Impact Analysis

The vulnerability can allow attackers with authenticated access to execute malicious scripts in the context of the LMS application. This could lead to unauthorized actions, data theft, session hijacking, or defacement within the LMS environment.

Mitigation Strategies

Upgrade the Frappe Learning Management System (LMS) to version 2.42.0 or later, as this version fixes the vulnerability allowing authenticated users to add malicious HTML and JavaScript through description fields.

Detection Guidance

To detect this vulnerability on your system, you can check the version of the frappe LMS installed and verify if it is prior to version 2.42.0, which is vulnerable. Additionally, you can inspect the description fields in Job, Course, and Batch forms for the presence of malicious HTML or JavaScript code. Since this is a cross-site scripting (XSS) vulnerability exploitable by authenticated users, monitoring HTTP requests that submit data to these forms for suspicious script tags or event handlers can help detect exploitation attempts. For example, you can use curl or similar tools to fetch and inspect these fields or grep logs for suspicious payloads. Example commands: 1. Check version (if accessible via CLI or API): `frappe --version` or query the application version via API. 2. Search logs for suspicious input patterns: `grep -iE '<script|onerror|onload' /path/to/logs/*` 3. Use curl to fetch form data and inspect for scripts: `curl -s https://your-frappe-lms-instance/path/to/job-or-course | grep -i '<script'` Note that specific commands depend on your environment and access level. Upgrading to version 2.42.0 or later is the recommended mitigation. [1, 2]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-67730. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart