Home > Vulnerability Database > CVE-2025-62778

Mend.io Vulnerability Database

CVE-2025-62778

Good to know:

Date: October 27, 2025

Frappe Learning is a learning management system. A security issue was identified in Frappe Learning 2.39.1 and earlier, where students were able to access the Quiz Form if they had the URL.

Severity Score

4.3

Related Resources (4)

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-62778

Url: https://github.com/frappe/lms/commit/8749e21744547ae32f729bde05c854113e126750

Url: https://github.com/frappe/lms/security/advisories/GHSA-8xvv-6v89-xxgx

Url: https://www.mend.io/vulnerability-database/CVE-2025-62778

Severity Score

4.3

Weakness Type (CWE)

Direct Request ('Forced Browsing')

CWE-425

CVSS v3.1

Base Score:	4.3
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	LOW
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-62778

Good to know:

Date: October 27, 2025

Severity Score

Related Resources (4)

Severity Score

Weakness Type (CWE)

CVSS v3.1

Do you need more information?