CVE-2025-41069 – Insecure Direct Object References (IDOR) in DeporSite of T-Innova DeporSite

CVE ID : CVE-2025-41069

Published : 13. November 2025 14:15 | 43 Minuten ago

Description : Insecure Direct Object Reference (IDOR) vulnerability in DeporSite of T-INNOVA. This vulnerability allows an attacker to access or modify unauthorized resources by manipulating requests using the ‘idUsuario’ parameter in ‘/ajax/TInnova_v2/Formulario_Consentimiento/llamadaAjax/obtenerDatosConsentimientos’, which could lead to the exposure or alteration os confidential data.

Severity: 5.3 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…