CVE-2025-41111

CVE-2025-41111 affects CanalDenuncia.app with a missing authorization vulnerability. An attacker can access other users’ information by sending a POST to /backend/api/buscarComentariosByDenuncia.php using the id_denuncia parameter. The issue is described consistently across multiple sources (Red ...