CVE-2025-56379
02.10.2025, 14:15
A stored cross-site scripting (XSS) vulnerability in the blog post feature of ERPNEXT v15.67.0 allows attackers to execute arbitrary web scripts or HTML via a crafted payload injected into the content field.Enginsight
Awaiting analysis
This vulnerability is currently awaiting analysis.