CVE-2026-34606: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in frappe lms
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0.
AI Analysis
Technical Summary
CVE-2026-34606 is a stored cross-site scripting (CWE-79) vulnerability in Frappe LMS affecting versions 2.27.0 through 2.47.x. The vulnerability arises from improper neutralization of input during web page generation, allowing attackers to inject malicious scripts that persist in the system. This can lead to client-side code execution when users view the affected content. The vulnerability has been fixed in version 2.48.0. The CVSS 4.0 vector indicates the attack is network accessible, requires no privileges or user interaction, and has limited impact on integrity but no impact on confidentiality or availability.
Potential Impact
Successful exploitation of this stored XSS vulnerability could allow an attacker to execute arbitrary scripts in the context of users' browsers when they access affected pages. This may lead to session hijacking, defacement, or other client-side attacks. However, the impact is limited to integrity with no direct confidentiality or availability impact as per the CVSS vector. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Users and administrators of Frappe LMS should upgrade to version 2.48.0 or later, where this vulnerability has been patched. Since this is a software vulnerability in a non-cloud product, applying the official update is the recommended remediation. Patch status is confirmed by the vendor advisory stating the issue is fixed in version 2.48.0.
CVE-2026-34606: CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in frappe lms
Description
Frappe Learning Management System (LMS) is a learning system that helps users structure their content. From version 2.27.0 to before version 2.48.0, Frappe LMS was vulnerable to stored XSS. This issue has been patched in version 2.48.0.
AI-Powered Analysis
Machine-generated threat intelligence
Technical Analysis
CVE-2026-34606 is a stored cross-site scripting (CWE-79) vulnerability in Frappe LMS affecting versions 2.27.0 through 2.47.x. The vulnerability arises from improper neutralization of input during web page generation, allowing attackers to inject malicious scripts that persist in the system. This can lead to client-side code execution when users view the affected content. The vulnerability has been fixed in version 2.48.0. The CVSS 4.0 vector indicates the attack is network accessible, requires no privileges or user interaction, and has limited impact on integrity but no impact on confidentiality or availability.
Potential Impact
Successful exploitation of this stored XSS vulnerability could allow an attacker to execute arbitrary scripts in the context of users' browsers when they access affected pages. This may lead to session hijacking, defacement, or other client-side attacks. However, the impact is limited to integrity with no direct confidentiality or availability impact as per the CVSS vector. There are no reports of active exploitation in the wild.
Mitigation Recommendations
Users and administrators of Frappe LMS should upgrade to version 2.48.0 or later, where this vulnerability has been patched. Since this is a software vulnerability in a non-cloud product, applying the official update is the recommended remediation. Patch status is confirmed by the vendor advisory stating the issue is fixed in version 2.48.0.
Technical Details
- Data Version
- 5.2
- Assigner Short Name
- GitHub_M
- Date Reserved
- 2026-03-30T17:15:52.500Z
- Cvss Version
- 4.0
- State
- PUBLISHED
Threat ID: 69ceb0a7e6bfc5ba1df381df
Added to database: 4/2/2026, 6:08:39 PM
Last enriched: 4/9/2026, 10:48:33 PM
Last updated: 5/20/2026, 8:52:23 PM
Views: 38
Community Reviews
0 reviewsCrowdsource mitigation strategies, share intel context, and vote on the most helpful responses. Sign in to add your voice and help keep defenders ahead.
Want to contribute mitigation steps or threat intel context? Sign in or create an account to join the community discussion.
Actions
Updates to AI analysis require Pro Console access. Upgrade inside Console → Billing.
Need more coverage?
Upgrade to Pro Console for AI refresh and higher limits.
For incident response and remediation, OffSeq services can help resolve threats faster.
Latest Threats
Check if your credentials are on the dark web
Instant breach scanning across billions of leaked records. Free tier available.