Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-3575

Insecure Direct Object Reference vulnerability in Deporsite from T-INNOVA allows an attacker to retrieve sensitive information from others users via "idUsuario" parameter in "/helper/Familia/establecerUsuarioSeleccion" endpoint.

Published

2025-04-15T09:15:13.670

Last Modified

2025-04-15T18:39:27.967

Status

Awaiting Analysis

Source

[email protected]

Severity

Weaknesses

Type: Secondary
CWE-639

Affected Vendors & Products

References

https://www.incibe.es/en/incibe-cert/notices/aviso/insecure-direct-object-reference-deporsite-t-innova ([email protected])