exploitDog

GHSA-r7vp-cpwx-3ghg

Опубликовано: 26 июн. 2025

Источник: github

Github: Не прошло ревью

CVSS4: 5.1

CVSS3: 4.3

Описание

Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered.

Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered.

Ссылки

EPSS

Процентиль: 3%

0.00016

Низкий

5.1 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352

Связанные уязвимости

CVE-2025-48497

CVSS3: 4.3

nvd

8 месяцев назад

Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered.

EPSS

Процентиль: 3%

0.00016

Низкий

5.1 Medium

CVSS4

4.3 Medium

CVSS3

CVE ID

Дефекты

CWE-352