Unrated severityNVD Advisory· Published Oct 2, 2025· Updated Oct 2, 2025
CVE-2025-56380
CVE-2025-56380
Description
Frappe Framework v15.72.4 was discovered to contain a SQL injection vulnerability via the fieldname parameter in the frappe.client.get_value API endpoint and a crafted script to the fieldname parameter
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2(expand)+ 1 more
- (no CPE)
- (no CPE)range: = 15.72.4
Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.