CVE-2025-52896 | Frappe up to 14.94.1/15.56.x Data Import cross site scripting (GHSA-hv29-66qg-2v6p)

A vulnerability, which was classified as problematic, has been found in Frappe up to 14.94.1/15.56.x. This issue affects some unknown processing of the component Data Import. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2025-52896. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More