Vulnerability Details CVE-2025-41404
Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 7.5%
CVSS Severity
CVSS v3 Score 4.3
Products affected by CVE-2025-41404
-
cpe:2.3:a:irohasoft:iroha_board:0.10.0
-
cpe:2.3:a:irohasoft:iroha_board:0.10.1
-
cpe:2.3:a:irohasoft:iroha_board:0.10.12
-
cpe:2.3:a:irohasoft:iroha_board:0.10.2
-
cpe:2.3:a:irohasoft:iroha_board:0.10.3
-
cpe:2.3:a:irohasoft:iroha_board:0.10.4
-
cpe:2.3:a:irohasoft:iroha_board:0.10.5
-
cpe:2.3:a:irohasoft:iroha_board:0.10.6
-
cpe:2.3:a:irohasoft:iroha_board:0.10.7
-
cpe:2.3:a:irohasoft:iroha_board:0.10.8
-
cpe:2.3:a:irohasoft:iroha_board:0.10.9