Unknown · Frappe Learning · CVE-2025-59415
**Name of the Vulnerable Software and Affected Versions**
Frappe Learning versions 2.34.1 and below
**Description**
Frappe Learning does not adequately sanitize content uploaded in the profile bio. This allows for the execution of arbitrary scripts in the context of other users through malicious SVG files.
**Recommendations**
Versions prior to 2.34.1 should be updated.