3 matches found
CVE-2025-41343
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'email' in '/backend/api/users/searchUserByEmail.php'...
CVE-2025-41343 Missing Authorization vulnerability in CanalDenuncia.app
A lack of authorisation vulnerability has been detected in CanalDenuncia.app. This vulnerability allows an attacker to access other users' information by sending a POST through the parameter 'email' in '/backend/api/users/searchUserByEmail.php'...
CVE-2025-41343
CVE-2025-41343 affects CanalDenuncia.app: a missing authorization check in /backend/api/users/searchUserByEmail.php allows a POST with the email parameter to access other users’ information. Root cause: improper authorization validation leading to information disclosure (confidentiality impact). ...