CVE-2025-66434 | Frappe ERPNext up to 15.89.0 Jinja2 Template render_template special elements used in a template engine

A vulnerability was found in Frappe ERPNext up to 15.89.0. It has been declared as critical. The vulnerability affects the function render_template of the component Jinja2 Template Handler. Manipulation of this function leads to improper neutralization of special elements used in a template engine.

This vulnerability is uniquely identified as CVE-2025-66434. The attack can be launched remotely. No exploit exists.