CVE-2025-59415 | Frappe LMS up to 2.34.1 SVG File cross site scripting (GHSA-h7gh-3vq5-96jx)

A vulnerability was found in Frappe LMS up to 2.34.1. It has been declared as problematic. Affected by this vulnerability is an unknown functionality of the component SVG File Handler. Such manipulation leads to cross site scripting.

This vulnerability is traded as CVE-2025-59415. The attack may be launched remotely. There is no exploit available.

It is advisable to implement a patch to correct this issue.VulDB Recent EntriesRead More