MoAlali/CVE-2025-56381

Releases0

ERPNEXT v15.67.0 was discovered to contain multiple SQL injection vulnerabilities in the /api/method/frappe.desk.reportview.get endpoint via the order_by and group_by parameters.

Subscribe above to receive notifications when new versions are released.

	Version	Date	Stability Stability is determined by the version string and my be inaccurate.

Previous Next