CVE-2025-13115 | macrozheng mall-swarm up to 1.0.3 Order Details /order/detail/ detail orderId improper authorization

A vulnerability, which was classified as problematic, has been found in macrozheng mall-swarm up to 1.0.3. This impacts the function detail of the file /order/detail/ of the component Order Details Handler. Performing manipulation of the argument orderId results in improper authorization.

This vulnerability is cataloged as CVE-2025-13115. It is possible to initiate the attack remotely. Furthermore, there is an exploit available.

The vendor was contacted early about this disclosure but did not respond in any way.VulDB Recent EntriesRead More