Primary

Context

T-INNOVA DeporSite Insecure Direct Object Reference Vulnerability

Vulnerability

A vulnerability allowing Insecure Direct Object Reference (IDOR) has been identified in T-INNOVA's DeporSite application, specifically in versions prior to 02.14.1115. This vulnerability enables attackers to access or modify unauthorized resources by manipulating the 'idUsuario' parameter in a specific AJAX request. Such exploitation could result in the unauthorized exposure or alteration of confidential data.

Impact

Exploitation of this vulnerability could lead to unauthorized access to or modification of sensitive data.

Remediation

Users can upgrade to T-INNOVA DeporSite version 2025 v02.14.1115 to address this vulnerability.

Added: Nov 13, 2025, 2:17 PM

Updated: Nov 13, 2025, 2:17 PM

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

0.0

impact

5.0

exploitability

4.8

remediation

7.7

relevance

1.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

T-INNOVA DeporSite Insecure Direct Object Reference Vulnerability

Vulnerability

Impact

Remediation

Affected Products

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating