CVE-2025-41069

Name of the Vulnerable Software and Affected Versions DeporSite (affected versions not specified)

Description An Insecure Direct Object Reference (IDOR) issue exists in DeporSite of T-INNOVA. This allows an attacker to potentially access or modify unauthorized resources. The issue stems from manipulating requests using the idUsuario parameter within the /ajax/TInnova v2/Formulario Consentimiento/llamadaAjax/obtenerDatosConsentimientos API endpoint, potentially leading to the exposure or alteration of confidential data.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.