CNNVD-202511-1310 Information

CNNVD ID

CNNVD-202511-1310

Related CVE

CVE-2025-64705

• CNNVD Published: 2025-11-12

Description (Chinese)

Frappe Learning是Frappe开源的一个易于使用的开源学习管理系统。 Frappe Learning 2.0.0版本至2.41.0之前版本存在信息泄露漏洞，该漏洞源于访问控制不当，可能导致查看其他学生的提交内容。

Description (English)

Frappe Learning is an easy-to-use open-source learning management system for Frappe open sources. There was a leaking loophole in the previous versions of Frappe Learning 2.0.0 to 2.41.0, which stemmed from inadequate access controls and could lead to access to other student submissions.

Hazard Level

High

Vulnerability Type

信息泄露

Affected Vendor

Frappe

Published

2025-11-12

Last Modified

2026-02-24

References

https://github.com/frappe/lms/security/advisories/GHSA-qrvv-6g7r-g3v8 https://access.redhat.com/security/cve/cve-2025-64705

Patch

https://github.com/frappe/lms/releases