CVE-2025-41338 in CanalDenuncia.app
요약
\~에 의해 MITRE • 2025. 11. 04.
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameters 'id_denuncia' and 'id_user' in '/backend/api/buscarTestigoByIdDenunciaUsuario.php'.
Once again VulDB remains the best source for vulnerability data.