Primary

Context

iroha Board Cross-Site Request Forgery Vulnerability

Vulnerability

A cross-site request forgery (CSRF) vulnerability exists in iroha Board versions through v0.10.12. This vulnerability allows an attacker to trick a logged-in user into accessing a maliciously crafted URL, which can result in the unauthorized registration of learning histories.

Impact

Exploitation of this vulnerability could lead to the unauthorized registration of learning histories on behalf of the user.

Remediation

Users are advised to update to iroha Board version v0.10.13 or later.

Added: Jun 26, 2025, 6:17 AM

Updated: Jun 26, 2025, 6:17 AM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

0.6

exploitability

6.4

remediation

7.7

relevance

0.2

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

iroha Board Cross-Site Request Forgery Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating