CNNVD-202511-174 Information

Nov 04, 2025 cve

CNNVD ID

CNNVD-202511-174

CVE-2025-41113

CNNVD Published: 2025-11-04

Description (Chinese)

CanalDenuncia App是西班牙CanalDenuncia公司的一个举报通道应用软件。 CanalDenuncia App存在安全漏洞，该漏洞源于缺少授权检查，攻击者可通过发送POST请求操作参数id_denuncia，可能导致访问其他用户信息。

Description (English)

CanalDenuncia App is a reporting channel application for the Spanish company CanalDenuncia. There is a security loophole in CanalDenuncia App, which stems from a lack of authorization to inspect, and by sending POST ’ s requested operating parameter id denuncia, the attackers may have access to other user information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

CanalDenuncia

Published

2025-11-04

Last Modified

2026-02-24

References

https://www.incibe.es/en/incibe-cert/notices/aviso/multiple-vulnerabilities-canaldenunciaapp

Patch

https://canaldenuncia.app/

Share on: