CVE-2025-52043 | Frappe ERPNext 15.57.5 chart_of_accounts_importer.py import_coa company sql injection

A vulnerability was found in Frappe ERPNext 15.57.5. It has been rated as critical. Affected by this vulnerability is the function import_coa of the file erpnext/accounts/doctype/chart_of_accounts_importer/chart_of_accounts_importer.py. Performing manipulation of the argument company results in sql injection.

This vulnerability was named CVE-2025-52043. The attack may be initiated remotely. There is no available exploit.

To fix this issue, it is recommended to deploy a patch.VulDB Recent EntriesRead More