Security Advisory

CVE-2025-62407

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-10-16 17:39:32

Last updated 2025-10-16 19:22:52

Assigner GitHub_M

State PUBLISHED

Description

Frappe is a full-stack web application framework. Prior to 14.98.0 and 15.83.0, an open redirect was possible through the redirect argument on the login page, if a specific type of URL was passed in. This vulnerability is fixed in 14.98.0 and 15.83.0.

← Browse all CVEs View on cve.org ↗