CVE-2025-46547 Information

Description

In Sherpa Orchestrator 141851 the web application lacks protection against CSRF attacks with resultant effects of an attacker conducting XSS attacks adding a new user or role or exploiting a SQL injection issue.

Reference

https://deiteriy.com https://gist.github.com/ArtemBrylev/9af206c46d7505db03ad6fcd9fc46f7f https://sherparpa.com https://twitter.com/ArtyomBrylev