Security Advisory

CVE-2025-41069

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-11-13 13:23:18

Last updated 2025-11-13 13:57:22

Assigner INCIBE

State PUBLISHED

Description

Insecure Direct Object Reference (IDOR) vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the idUsuario parameter in ‘/ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimientos’, which could lead to the exposure or alteration os confidential data.

← Browse all CVEs View on cve.org ↗