CNNVD-202511-166 Information
Nov 04, 2025
cve
CNNVD ID
CNNVD-202511-166
Related CVE
- CNNVD Published: 2025-11-04
Description (Chinese)
CanalDenuncia App是西班牙CanalDenuncia公司的一个举报通道应用软件。 CanalDenuncia App存在安全漏洞,该漏洞源于缺少授权检查,攻击者可通过参数id_sociedad发送POST请求访问其他用户信息。
Description (English)
CanalDenuncia App is a reporting channel application for the Spanish company CanalDenuncia. There is a security loophole in CanalDenuncia App, which stems from a lack of authorization to check and the attackers can send POST requests for access to other users through parameter id sociedad.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
CanalDenuncia
Published
2025-11-04
Last Modified
2026-02-24
References
https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canaldenunciaapp