Security Advisory

CVE-2025-56381

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-02 00:00:00

Last updated 2025-10-02 18:09:21

Assigner mitre

State PUBLISHED

Description

ERPNEXT v15.67.0 was discovered to contain multiple SQL injection vulnerabilities in the /api/method/frappe.desk.reportview.get endpoint via the order_by and group_by parameters.

← Browse all CVEs View on cve.org ↗