2025-11-13 13:23:18
INCIBE
PUBLISHED
Insecure Direct Object Reference (IDOR) vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the idUsuario parameter in ‘/ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimientos’, which could lead to the exposure or alteration os confidential data.