Unrated severityNVD Advisory· Published Oct 2, 2025· Updated Oct 3, 2025
CVE-2025-56379
CVE-2025-56379
Description
A stored cross-site scripting (XSS) vulnerability in the blog post feature of ERPNEXT v15.67.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the content field.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
2News mentions
0No linked articles in our index yet.