CVE-2025-41338 | CanalDenuncia.app up to 4.4.7 buscarTestigoByIdDenunciaUsuario.php id_denuncia authorization

A vulnerability was found in CanalDenuncia.app up to 4.4.7 and classified as problematic. Impacted is an unknown function of the file /backend/api/buscarTestigoByIdDenunciaUsuario.php. Such manipulation of the argument id_denuncia leads to missing authorization.

This vulnerability is referenced as CVE-2025-41338. It is possible to launch the attack remotely. No exploit is available.

It is suggested to upgrade the affected component.VulDB Recent EntriesRead More