A vulnerability was determined in zhinianboke xianyu-auto-reply on Server. Affected by this vulnerability is an unknown functionality of the file /api/v1/payment/withdraw/review?action=approve. Executing a manipulation can lead to trusting http permission methods on the server side. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 19fc3282a1bb78a05c34945c088525d20e081cbd. It is best practice to apply a patch to resolve this issue.
Metrics
Affected Vendors & Products
References
History
Tue, 14 Jul 2026 22:45:00 +0000
| Type | Values Removed | Values Added |
|---|---|---|
| Description | A vulnerability was determined in zhinianboke xianyu-auto-reply on Server. Affected by this vulnerability is an unknown functionality of the file /api/v1/payment/withdraw/review?action=approve. Executing a manipulation can lead to trusting http permission methods on the server side. The attack may be launched remotely. The exploit has been publicly disclosed and may be utilized. This patch is called 19fc3282a1bb78a05c34945c088525d20e081cbd. It is best practice to apply a patch to resolve this issue. | |
| Title | zhinianboke xianyu-auto-reply review approve trusting http permission methods on the server side | |
| First Time appeared |
Zhinianboke
Zhinianboke xianyu-auto-reply |
|
| Weaknesses | CWE-650 | |
| CPEs | cpe:2.3:a:zhinianboke:xianyu-auto-reply:*:*:*:*:*:*:*:* | |
| Vendors & Products |
Zhinianboke
Zhinianboke xianyu-auto-reply |
|
| References |
|
|
| Metrics |
cvssV2_0
|
Status: PUBLISHED
Assigner: VulDB
Published: 2026-07-14T22:30:09.981Z
Updated: 2026-07-14T22:30:09.981Z
Reserved: 2026-07-14T15:51:28.328Z
Link: CVE-2026-15753
No data.
No data.
No data.