CNNVD-202510-3504 Information

CNNVD ID

CNNVD-202510-3504

Related CVE

CVE-2025-12304

• CNNVD Published: 2025-10-27

Description (Chinese)

TIME-SEA-PLUS是bdth个人开发者的一个Ai平台。 dulaiduwang003 TIME-SEA-PLUS存在授权问题漏洞，该漏洞源于文件PayController.java中函数alipayIsSucceed存在授权不当，可能导致远程攻击。

Description (English)

TEME-SEA-PLUS is an Ai platform for bdth individual developers. Dulaiduwang003 TIME-SEA-PLUS has a mandate gap, which stems from the inappropriate authorization of the function of alipayIsSuced in document PayController.java, which may lead to a remote attack.

Hazard Level

High

Vulnerability Type

授权问题

Affected Vendor

个人开发者

Published

2025-10-27

Last Modified

2026-02-24

References

https://vuldb.com/?ctiid.329976 https://github.com/Hwwg/cve/issues/3 https://vuldb.com/?id.329976 https://vuldb.com/?submit.676283 https://access.redhat.com/security/cve/cve-2025-12304