Home / Vulnerability Intelligence / CVE-2025-70031

CVE-2025-70031 - Vulnerability Analysis

HighCVSS: 8.8

Last Updated: March 11, 2026

Sunbird-Ed SunbirdEd-portal - Cross-Site Request Forgery

Published: March 9, 2026Updated: March 11, 2026Remote Exploitable

Overview

Sunbird-Ed SunbirdEd-portal v1.13.4 contains a cross-site request forgery caused by insufficient request validation, letting attackers perform unauthorized actions, exploit requires victim interaction.

Severity & Score

Severity: High

CVSS Score: 8.8

Impact

Attackers can perform unauthorized actions on behalf of authenticated users, potentially compromising user data or functionality.

Mitigation

Update to the latest version.

References

https://github.com/Sunbird-Ed/SunbirdEd-portal
https://gist.github.com/zcxlighthouse/470214b2f6fb0c82caecb9f369159006
https://github.com/Sunbird-Ed

Related Resources

Vulnerability Intelligence Dashboard
Credential Scanner

Details

CVE ID: CVE-2025-70031
Severity: High
CVSS Score: 8.8
Type: cross_site_request_forgery
Status: unconfirmed

CWE

CWE-352

CVSS Metrics

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H