Unrated severityNVD Advisory· Published Oct 2, 2025· Updated Oct 2, 2025
CVE-2025-56381
CVE-2025-56381
Description
ERPNEXT v15.67.0 was discovered to contain multiple SQL injection vulnerabilities in the /api/method/frappe.desk.reportview.get endpoint via the order_by and group_by parameters.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
News mentions
0No linked articles in our index yet.