Security Advisory

CVE-2025-68928

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-29 15:06:31

Last updated 2025-12-29 16:12:29

Assigner GitHub_M

State PUBLISHED

Description

Frappe CRM is an open-source customer relationship management tool. Prior to version 1.56.2, authenticated users could set crafted URLs in a website field, which were not sanitized, causing cross-site scripting. Version 1.56.2 fixes the issue. No known workarounds are available.

← Browse all CVEs View on cve.org ↗