CNNVD-202601-2452 Information
CNNVD ID
CNNVD-202601-2452
Related CVE
- CNNVD Published: 2026-01-14
Description (Chinese)
Crazy Bubble Tea App是波兰Crazy Bubble Tea公司的一个珍珠奶茶点餐手机应用。 Crazy Bubble Tea App 915之前版本和7.4.1之前版本存在安全漏洞,该漏洞源于服务器未验证权限,可能导致枚举loyaltyGuestId参数获取其他用户个人信息。
Description (English)
Crazy Bubble Tea App is a pearl tea snack phone application for the Polish company Crazy Bubble Tea. There is a security loophole in the pre-Crazy Bubble Tea App 915 and before 7.4.1, which stems from the server ’ s lack of authentication permission, which may lead to the acquisition of other user ’ s personal information by a list of loyaltyGuestId parameters.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Crazy Bubble Tea
Published
2026-01-14
Last Modified
2026-02-24
References
https://cert.pl/posts/2026/01/CVE-2025-14317 https://crazybubble.pl/aplikacja-crazy-bubble/ https://access.redhat.com/security/cve/cve-2025-14317
Patch
https://crazybubble.pl/aplikacja-crazy-bubble/
Share on: