Vulnerabilities

CVE-2025-3574

by Fred · 15/04/2025

Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via “idUsuario” parameter in “/helper/Familia/obtenerFamiliaUsuario” endpoint.

Assigner : cve-coordination@incibe.es

More information : https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-deporsite-t-innova

Similar

Tags: Cybersecurity Alert