CNNVD-202511-169 Information

Nov 04, 2025 cve

CNNVD ID

CNNVD-202511-169

CVE-2025-41336

CNNVD Published: 2025-11-04

Description (Chinese)

CanalDenuncia App是西班牙CanalDenuncia公司的一个举报通道应用软件。 CanalDenuncia App存在安全漏洞，该漏洞源于缺少授权检查，攻击者可通过向/backend/api/buscarConfiguracionParametros.php发送带web参数的POST请求访问其他用户信息。

Description (English)

CanalDenuncia App is a reporting channel application for the Spanish company CanalDenuncia. There is a security loophole in CanalDenuncia App, which stems from a lack of authorized inspections, and the attackers can access other users’ information by sending a POST request with web parameters to /backend/api/buscarConfiguracionParametros.php.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CanalDenuncia

Published

2025-11-04

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canaldenunciaapp

Patch

https://canaldenuncia.app/

Share on: