CVE-2025-41404

Summary

Direct request ('Forced Browsing') issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product.

Affected Software

VendorProductVersion RangeStatus
iroha Soft Co., Ltd.iroha Boardversions v0.10.12 and earlieraffected

Weaknesses

  • CWE-425: Direct request ('Forced Browsing')

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References