A vulnerability was found in Frappe LMS 2.34.x/2.35.0 related to an incomplete fix for CVE-2025-55006. This flaw can lead to cross-site scripting. Remote exploitation is a possibility, and the exploit is publicly known. Users should upgrade as the vendor has addressed multiple security issues.
CVE-2025-11282
🔵 Low
CVE-2025-11282: Vulnerability in Frappe LMS
CVE-2025-11282 affects Frappe LMS versions 2.34.x/2.35.0, leading to cross-site scripting vulnerabilities. Remote exploitation is possible.
CVE ID
CVE-2025-11282
CVSS Score
2.4
Vendor
unknown
Published
Oct 05
Vulnerability Details
- CVE ID
- CVE-2025-11282
- Severity
- Low
- CVSS v3 Score
- 2.4 / 10.0
- Affected Vendor
- unknown
- Publication Date
- October 05, 2025
External Resources
Need Help?
Protect your infrastructure with our comprehensive security scanning tools.
Explore Security Scanners