Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnova_v2/Integrantes_Recurso_v2_1/llamadaAjax/buscarPersona’ using the ‘dni’ parameter.
Metrics
Affected Vendors & Products
References
History
Tue, 02 Sep 2025 08:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | Lack of authorisation in Deporsite by T-INNOVA. This vulnerability allows an unauthenticated attacker to obtain information from other users via GET ‘/ajax/TInnova_v2/Integrantes_Recurso_v2_1/llamadaAjax/buscarPersona’ using the ‘dni’ parameter. | |
Title | Multiple vulnerabilities in Deporsite by T-INNOVA | |
Weaknesses | CWE-863 | |
References |
| |
Metrics |
cvssV4_0
|

Status: PUBLISHED
Assigner: INCIBE
Published:
Updated: 2025-09-02T08:15:01.028Z
Reserved: 2025-04-16T09:09:26.929Z
Link: CVE-2025-41030

No data.

Status : Received
Published: 2025-09-02T09:15:33.170
Modified: 2025-09-02T09:15:33.170
Link: CVE-2025-41030

No data.

No data.