CVE-2025-70031

High CVSS: 8.8

An issue pertaining to CWE-352: Cross-Site Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

Vendor

Product

CWE

Yayın Tarihi

2026-03-09 20:16:02

Güncelleme

2026-04-01 15:39:56

Source Identifier

cve@mitre.org

KEV Date Added

CWE-352 Sunbirded-portal HIGH Sunbird 2026

https://gist.github.com/zcxlighthouse/470214b2f6fb0c82caecb9f369159006 https://github.com/Sunbird-Ed https://github.com/Sunbird-Ed/SunbirdEd-portal

High

CVE-2025-70027

An issue pertaining to CWE-918: Server-Side Request Forgery was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4. This…

High

CVE-2025-70028

An issue pertaining to CWE-22: Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') was discov…

High

CVE-2025-70030

An issue pertaining to CWE-1333: Inefficient Regular Expression Complexity (4.19) was discovered in Sunbird-Ed SunbirdEd…

Medium

CVE-2025-70032

An issue pertaining to CWE-601: URL Redirection to Untrusted Site was discovered in Sunbird-Ed SunbirdEd-portal v1.13.4.

Medium

CVE-2025-70033

An issue pertaining to CWE-79: Improper Neutralization of Input During Web Page Generation was discovered in Sunbird-Ed…

High

CVE-2025-70029

An issue in Sunbird-Ed SunbirdEd-portal v1.13.4 allows attackers to obtain sensitive information. The application disabl…