Pateljannat

**Name of the Vulnerable Software and Affected Versions** Frappe Learning versions 2.33.0 and below **Description** Frappe Learning is a learning system designed to help users structure content. The image upload functionality did not properly sanitize uploaded SVG files, allowing users to upload files containing embedded JavaScript or other potentially malicious content. These malicious SVG files could be used to execute arbitrary scripts in the context of other users. **Recommendations** Update to version 2.34.0 or later to address this issue.