A vulnerability marked as problematic has been reported in CanalDenuncia.app up to 4.4.7. This impacts an unknown function of the file /backend/api/buscarComentariosByDenuncia.php. This manipulation of the argument id_denuncia causes missing authorization.
This vulnerability appears as CVE-2025-41111. The attack may be initiated remotely. There is no available exploit.
It is suggested to upgrade the affected component.
