CVE-2025-48497
CVE-2025-48497
Cross-site request forgery vulnerability exists in iroha Board versions v0.10.12 and earlier. If a user accesses a specially crafted URL while being logged in to the affected product, arbitrary learning histories may be registered.
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:A/VC:N/VI:L/VA:N/SC:N/SI:N/SA:N
Affected products
iroha Soft Co., Ltd. · iroha BoardWant to know if your infrastructure is exposed to this?
Talk to TrueHacking →