Security Advisory

CVE-2025-10655

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-09 14:49:53

Last updated 2025-12-09 15:06:24

Assigner Fluid Attacks

State PUBLISHED

Description

SQL Injection in Frappe HelpDesk in the dashboard get_dashboard_data due to unsafe concatenation of user-controlled parameters into dynamic SQL statements.This issue affects Frappe HelpDesk: 1.14.0.

← Browse all CVEs View on cve.org ↗