2 matches found
Incorrect Authorization
Overview Affected versions of this package are vulnerable to Incorrect Authorization when certain Check calls are executed. An attacker can gain unauthorized access to resources by exploiting improper policy enforcement when specific conditions involving type bound public and non-public access...
CVE-2025-41404
Direct request 'Forced Browsing' issue exists in iroha Board versions v0.10.12 and earlier. If this vulnerability is exploited, non-public contents may be viewed by an attacker who can log in to the affected product...