Unrated severityNVD Advisory· Published Oct 16, 2025· Updated Oct 16, 2025
Frappe has an Open Redirect on Login Page
CVE-2025-62407
Description
Frappe is a full-stack web application framework. Prior to 14.98.0 and 15.83.0, an open redirect was possible through the redirect argument on the login page, if a specific type of URL was passed in. This vulnerability is fixed in 14.98.0 and 15.83.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2Patches
Vulnerability mechanics
References
1- github.com/frappe/frappe/security/advisories/GHSA-j9jr-qrpj-g855mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.