CVE-2025-41340 | CanalDenuncia.app up to 4.4.7 buscarTipoDenunciabyId.php id_tp_denuncia/id_sociedad authorization

A vulnerability was found in CanalDenuncia.app up to 4.4.7. It has been declared as problematic. The impacted element is an unknown function of the file /backend/api/buscarTipoDenunciabyId.php. Executing manipulation of the argument id_tp_denuncia/id_sociedad can lead to missing authorization.

This vulnerability is tracked as CVE-2025-41340. The attack can be launched remotely. No exploit exists.

It is recommended to upgrade the affected component.VulDB Recent EntriesRead More