CNNVD-202511-1308 Information

CNNVD ID

CNNVD-202511-1308

Related CVE

CVE-2025-64707

• CNNVD Published: 2025-11-12

Description (Chinese)

Frappe Learning是Frappe开源的一个易于使用的开源学习管理系统。 Frappe Learning 2.0.0版本至2.41.0之前版本存在安全漏洞，该漏洞源于缓存清理不当，可能导致角色撤销延迟生效。

Description (English)

Frappe Learning is an easy-to-use open-source learning management system for Frappe open sources. There is a security loophole in the previous versions of Frappe Learning 2.0.0 to 2.41.0, which stems from poor clearance of the cache, which may delay the validity of the role revocation.

Hazard Level

Critical

Vulnerability Type

其他

Affected Vendor

Frappe

Published

2025-11-12

Last Modified

2026-02-24

References

https://github.com/frappe/lms/security/advisories/GHSA-w2gf-rchw-x6vm https://access.redhat.com/security/cve/cve-2025-64707

Patch

https://github.com/frappe/lms/releases