Irohasoft: Security Vulnerabilities
Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-06-26
Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered.
CVSS Score
4.3
EPSS Score
0.0
Published
2025-06-26