CVE-2025-11280 (GCVE-0-2025-11280)
Vulnerability from cvelistv5
Published
2025-10-05 03:32
Modified
2025-10-07 19:36
Severity ?
2.9 (Low) - CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P
3.7 (Low) - CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
3.7 (Low) - CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C
CWE
Summary
A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation causes direct request. The attack may be initiated remotely. The attack's complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. It is advisable to upgrade the affected component. The vendor was informed early about a total of four security issues and confirmed that those have been fixed. However, the release notes on GitHub do not mention them.
References
cna@vuldb.comhttps://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1Exploit, Third Party Advisory
cna@vuldb.comhttps://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduceExploit, Third Party Advisory
cna@vuldb.comhttps://vuldb.com/?ctiid.327014Permissions Required, VDB Entry
cna@vuldb.comhttps://vuldb.com/?id.327014Third Party Advisory, VDB Entry
cna@vuldb.comhttps://vuldb.com/?submit.659694Exploit, Third Party Advisory, VDB Entry
134c704f-9b21-4f2e-91b3-4a467353bcc0https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1Exploit, Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduceExploit, Third Party Advisory
134c704f-9b21-4f2e-91b3-4a467353bcc0https://vuldb.com/?submit.659694Exploit, Third Party Advisory, VDB Entry
Impacted products
Vendor Product Version
Frappe LMS Version: 2.35.0
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-11280",
                "options": [
                  {
                    "Exploitation": "poc"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "partial"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-10-07T19:36:51.684179Z",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-10-07T19:36:55.895Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "references": [
          {
            "tags": [
              "exploit"
            ],
            "url": "https://vuldb.com/?submit.659694"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1"
          },
          {
            "tags": [
              "exploit"
            ],
            "url": "https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduce"
          }
        ],
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "modules": [
            "Assignment Picture Handler"
          ],
          "product": "LMS",
          "vendor": "Frappe",
          "versions": [
            {
              "status": "affected",
              "version": "2.35.0"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "0xHamy (VulDB User)"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation causes direct request. The attack may be initiated remotely. The attack\u0027s complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. It is advisable to upgrade the affected component. The vendor was informed early about a total of four security issues and confirmed that those have been fixed. However, the release notes on GitHub do not mention them."
        },
        {
          "lang": "de",
          "value": "In Frappe LMS 2.35.0 wurde eine Schwachstelle gefunden. Betroffen davon ist ein unbekannter Prozess der Datei /files/ der Komponente Assignment Picture Handler. Mit der Manipulation mit unbekannten Daten kann eine direct request-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \u00fcber das Netzwerk. Ein Angriff erfordert eine vergleichsweise hohe Komplexit\u00e4t. Sie ist schwierig auszunutzen. Die Ausnutzung wurde ver\u00f6ffentlicht und kann verwendet werden. Die Aktualisierung der betroffenen Komponente wird empfohlen."
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "baseScore": 6.3,
            "baseSeverity": "MEDIUM",
            "vectorString": "CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P",
            "version": "4.0"
          }
        },
        {
          "cvssV3_1": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.1"
          }
        },
        {
          "cvssV3_0": {
            "baseScore": 3.7,
            "baseSeverity": "LOW",
            "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C",
            "version": "3.0"
          }
        },
        {
          "cvssV2_0": {
            "baseScore": 2.6,
            "vectorString": "AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C",
            "version": "2.0"
          }
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-425",
              "description": "Direct Request",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-10-05T03:32:06.307Z",
        "orgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
        "shortName": "VulDB"
      },
      "references": [
        {
          "name": "VDB-327014 | Frappe LMS Assignment Picture files direct request",
          "tags": [
            "vdb-entry"
          ],
          "url": "https://vuldb.com/?id.327014"
        },
        {
          "name": "VDB-327014 | CTI Indicators (IOB, IOC, TTP, IOA)",
          "tags": [
            "signature",
            "permissions-required"
          ],
          "url": "https://vuldb.com/?ctiid.327014"
        },
        {
          "name": "Submit #659694 | Frappe Frappe LMS 2.35.0 Improper Access Controls",
          "tags": [
            "third-party-advisory"
          ],
          "url": "https://vuldb.com/?submit.659694"
        },
        {
          "tags": [
            "related"
          ],
          "url": "https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1"
        },
        {
          "tags": [
            "exploit"
          ],
          "url": "https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduce"
        }
      ],
      "timeline": [
        {
          "lang": "en",
          "time": "2025-10-04T00:00:00.000Z",
          "value": "Advisory disclosed"
        },
        {
          "lang": "en",
          "time": "2025-10-04T02:00:00.000Z",
          "value": "VulDB entry created"
        },
        {
          "lang": "en",
          "time": "2025-10-04T11:28:14.000Z",
          "value": "VulDB entry last update"
        }
      ],
      "title": "Frappe LMS Assignment Picture files direct request"
    }
  },
  "cveMetadata": {
    "assignerOrgId": "1af790b2-7ee1-4545-860a-a788eba489b5",
    "assignerShortName": "VulDB",
    "cveId": "CVE-2025-11280",
    "datePublished": "2025-10-05T03:32:06.307Z",
    "dateReserved": "2025-10-04T09:22:22.603Z",
    "dateUpdated": "2025-10-07T19:36:55.895Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2025-11280\",\"sourceIdentifier\":\"cna@vuldb.com\",\"published\":\"2025-10-05T04:15:35.457\",\"lastModified\":\"2025-10-07T20:35:01.773\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation causes direct request. The attack may be initiated remotely. The attack\u0027s complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. It is advisable to upgrade the affected component. The vendor was informed early about a total of four security issues and confirmed that those have been fixed. However, the release notes on GitHub do not mention them.\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X\",\"baseScore\":6.3,\"baseSeverity\":\"MEDIUM\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"LOW\",\"vulnIntegrityImpact\":\"NONE\",\"vulnAvailabilityImpact\":\"NONE\",\"subConfidentialityImpact\":\"NONE\",\"subIntegrityImpact\":\"NONE\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"PROOF_OF_CONCEPT\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NOT_DEFINED\",\"Recovery\":\"NOT_DEFINED\",\"valueDensity\":\"NOT_DEFINED\",\"vulnerabilityResponseEffort\":\"NOT_DEFINED\",\"providerUrgency\":\"NOT_DEFINED\"}}],\"cvssMetricV31\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N\",\"baseScore\":3.7,\"baseSeverity\":\"LOW\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"HIGH\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"LOW\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"exploitabilityScore\":2.2,\"impactScore\":1.4}],\"cvssMetricV2\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:H/Au:N/C:P/I:N/A:N\",\"baseScore\":2.6,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"HIGH\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"NONE\"},\"baseSeverity\":\"LOW\",\"exploitabilityScore\":4.9,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"cna@vuldb.com\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-425\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:frappe:learning:2.35.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A4798441-F3FA-420C-B28E-7DB3096A2A2B\"}]}]}],\"references\":[{\"url\":\"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduce\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://vuldb.com/?ctiid.327014\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Permissions Required\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?id.327014\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://vuldb.com/?submit.659694\",\"source\":\"cna@vuldb.com\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduce\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\"]},{\"url\":\"https://vuldb.com/?submit.659694\",\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"tags\":[\"Exploit\",\"Third Party Advisory\",\"VDB Entry\"]}]}}",
    "vulnrichment": {
      "containers": "{\"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-11280\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"poc\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"partial\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-10-07T19:36:51.684179Z\"}}}], \"references\": [{\"url\": \"https://vuldb.com/?submit.659694\", \"tags\": [\"exploit\"]}, {\"url\": \"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1\", \"tags\": [\"exploit\"]}, {\"url\": \"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduce\", \"tags\": [\"exploit\"]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-10-07T19:36:45.611Z\"}}], \"cna\": {\"title\": \"Frappe LMS Assignment Picture files direct request\", \"credits\": [{\"lang\": \"en\", \"type\": \"reporter\", \"value\": \"0xHamy (VulDB User)\"}], \"metrics\": [{\"cvssV4_0\": {\"version\": \"4.0\", \"baseScore\": 6.3, \"baseSeverity\": \"MEDIUM\", \"vectorString\": \"CVSS:4.0/AV:N/AC:H/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P\"}}, {\"cvssV3_1\": {\"version\": \"3.1\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C\"}}, {\"cvssV3_0\": {\"version\": \"3.0\", \"baseScore\": 3.7, \"baseSeverity\": \"LOW\", \"vectorString\": \"CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N/E:P/RL:O/RC:C\"}}, {\"cvssV2_0\": {\"version\": \"2.0\", \"baseScore\": 2.6, \"vectorString\": \"AV:N/AC:H/Au:N/C:P/I:N/A:N/E:POC/RL:OF/RC:C\"}}], \"affected\": [{\"vendor\": \"Frappe\", \"modules\": [\"Assignment Picture Handler\"], \"product\": \"LMS\", \"versions\": [{\"status\": \"affected\", \"version\": \"2.35.0\"}]}], \"timeline\": [{\"lang\": \"en\", \"time\": \"2025-10-04T00:00:00.000Z\", \"value\": \"Advisory disclosed\"}, {\"lang\": \"en\", \"time\": \"2025-10-04T02:00:00.000Z\", \"value\": \"VulDB entry created\"}, {\"lang\": \"en\", \"time\": \"2025-10-04T11:28:14.000Z\", \"value\": \"VulDB entry last update\"}], \"references\": [{\"url\": \"https://vuldb.com/?id.327014\", \"name\": \"VDB-327014 | Frappe LMS Assignment Picture files direct request\", \"tags\": [\"vdb-entry\"]}, {\"url\": \"https://vuldb.com/?ctiid.327014\", \"name\": \"VDB-327014 | CTI Indicators (IOB, IOC, TTP, IOA)\", \"tags\": [\"signature\", \"permissions-required\"]}, {\"url\": \"https://vuldb.com/?submit.659694\", \"name\": \"Submit #659694 | Frappe Frappe LMS 2.35.0 Improper Access Controls\", \"tags\": [\"third-party-advisory\"]}, {\"url\": \"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1\", \"tags\": [\"related\"]}, {\"url\": \"https://gist.github.com/0xHamy/beb840a754f50a7ee6500600147a6ac1#steps-to-reproduce\", \"tags\": [\"exploit\"]}], \"descriptions\": [{\"lang\": \"en\", \"value\": \"A flaw has been found in Frappe LMS 2.35.0. Impacted is an unknown function of the file /files/ of the component Assignment Picture Handler. This manipulation causes direct request. The attack may be initiated remotely. The attack\u0027s complexity is rated as high. The exploitability is considered difficult. The exploit has been published and may be used. It is advisable to upgrade the affected component. The vendor was informed early about a total of four security issues and confirmed that those have been fixed. However, the release notes on GitHub do not mention them.\"}, {\"lang\": \"de\", \"value\": \"In Frappe LMS 2.35.0 wurde eine Schwachstelle gefunden. Betroffen davon ist ein unbekannter Prozess der Datei /files/ der Komponente Assignment Picture Handler. Mit der Manipulation mit unbekannten Daten kann eine direct request-Schwachstelle ausgenutzt werden. Umgesetzt werden kann der Angriff \\u00fcber das Netzwerk. Ein Angriff erfordert eine vergleichsweise hohe Komplexit\\u00e4t. Sie ist schwierig auszunutzen. Die Ausnutzung wurde ver\\u00f6ffentlicht und kann verwendet werden. Die Aktualisierung der betroffenen Komponente wird empfohlen.\"}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-425\", \"description\": \"Direct Request\"}]}], \"providerMetadata\": {\"orgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"shortName\": \"VulDB\", \"dateUpdated\": \"2025-10-05T03:32:06.307Z\"}}}",
      "cveMetadata": "{\"cveId\": \"CVE-2025-11280\", \"state\": \"PUBLISHED\", \"dateUpdated\": \"2025-10-07T19:36:55.895Z\", \"dateReserved\": \"2025-10-04T09:22:22.603Z\", \"assignerOrgId\": \"1af790b2-7ee1-4545-860a-a788eba489b5\", \"datePublished\": \"2025-10-05T03:32:06.307Z\", \"assignerShortName\": \"VulDB\"}",
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }
  }
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.