CNNVD-202508-1727 Information
Aug 14, 2025
cve
CNNVD ID
CNNVD-202508-1727
Related CVE
- CNNVD Published: 2025-08-14
Description (Chinese)
litemall是linlinjava个人开发者的一个小商场系统。 litemall 1.8.0及之前版本存在安全漏洞,该漏洞源于对文件litemall-wx-api/src/main/java/org/linlinjava/litemall/wx/util/JwtHelper.java中参数SECRET的错误操作导致硬编码凭证。
Description (English)
Itemall is a small mall system for Linlinjava personal developers. There is a security loophole in the forumall-wx-api/src/main/java/org/linjava/litemall/wx/util/JwtHelper.java ’ s parameter SECRET resulted from an error in the document.
Hazard Level
Critical
Vulnerability Type
其他
Affected Vendor
个人开发者
Published
2025-08-14
Last Modified
2026-02-24
References
https://github.com/linlinjava/litemall/issues/568 https://vuldb.com/?ctiid.319970 https://vuldb.com/?submit.628233 https://vuldb.com/?id.319970 https://github.com/linlinjava/litemall/issues/568#issue-3289860066 https://nvd.nist.gov/vuln/detail/CVE-2025-8974
Share on: