Vulnerabilities

CVE-2025-68928

by Fred · 29/12/2025

Frappe CRM is an open-source customer relationship management tool. Prior to version 1.56.2, authenticated users could set crafted URLs in a website field, which were not sanitized, causing cross-site scripting. Version 1.56.2 fixes the issue. No known workarounds are available.

More information : https://github.com/frappe/crm/commit/c5766d9989131d17d954e866bfc4b8d3b23e4f10

Similar

Tags: Cybersecurity Alert