CNNVD-202509-200 Information

CNNVD ID

CNNVD-202509-200

Related CVE

CVE-2025-41031

• CNNVD Published: 2025-09-02

Description (Chinese)

T-INNOVA Deporsite是T-INNOVA公司的一款应用程序。 T-INNOVA Deporsite 存在安全漏洞，该漏洞源于缺少授权，可能导致通过POST请求和IdPersona及Foto参数修改其他用户头像。

Description (English)

T-INOVA Deprosite is an application of T-INNOVA. There is a security gap in T-INNOVA Deprosite, which stems from a lack of authorization and may lead to modifications of other user profiles through POST requests and IdPersona and Foto parameters.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

T-INNOVA

Published

2025-09-02

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-deporsite-t-innova https://nvd.nist.gov/vuln/detail/CVE-2025-41031

Patch

https://deporsite.net/