Go · github.com/QuantumNous/new-api · CVE-2026-41432
**Name of the Vulnerable Software and Affected Versions**
New API versions prior to 0.12.10
**Description**
A flaw in the Stripe webhook handler allows unauthenticated attackers to forge webhook events and credit arbitrary quota to their accounts without payment. This is caused by three issues: the handler does not reject requests when `StripeWebhookSecret` is empty (the default), so anyone can compute a signature the handler accepts; the `sessionCompleted` handler does not verify that the session's `payment_status` is `paid`; and the `Recharge()` function does not check that the order's `PaymentMethod` matches the callback source, enabling cross-gateway exploitation in which orders created for other payment methods can be fulfilled via a forged Stripe webhook.
Technical details include:
- API Endpoint: `/api/stripe/webhook`
- Vulnerable Variables: `StripeWebhookSecret`
- Vulnerable Functions: `StripeWebhook()`, `sessionCompleted()`, and `Recharge()`
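The following is an added, self-contained Go example of a hardened webhook flow that closes all three gaps; it is not New API's own code, and the `Order` struct, the `recharge` helper and the use of `client_reference_id` to link a Checkout Session to an order are assumptions made for the illustration. Stripe's signature scheme itself (a `Stripe-Signature` header of the form `t=<unix>,v1=<hex>` carrying HMAC-SHA256 over `<t>.<payload>`) is real and is implemented here without the Stripe SDK so the example runs offline.

```go
package main

import (
	"crypto/hmac"
	"crypto/sha256"
	"encoding/hex"
	"encoding/json"
	"errors"
	"fmt"
	"strconv"
	"strings"
	"time"
)

// Order is a stand-in for the order record (hypothetical field names).
type Order struct {
	ID            string
	PaymentMethod string // gateway the order was created for, e.g. "stripe" or "epay" (constructed values)
	Status        string // "pending" or "paid"
	Quota         int64
}

var errRejected = errors.New("webhook rejected")

// verifyStripeSignature checks "t=<unix>,v1=<hex>" against HMAC-SHA256(secret, "<t>.<payload>").
// Fix 1: an empty secret is refused outright; with no secret, anyone could produce an accepted MAC.
func verifyStripeSignature(secret, header string, payload []byte, now time.Time, tolerance time.Duration) error {
	if secret == "" {
		return fmt.Errorf("%w: webhook secret not configured", errRejected)
	}
	var ts string
	var sigs []string
	for _, part := range strings.Split(header, ",") {
		kv := strings.SplitN(strings.TrimSpace(part), "=", 2)
		if len(kv) != 2 {
			continue
		}
		switch kv[0] {
		case "t":
			ts = kv[1]
		case "v1":
			sigs = append(sigs, kv[1])
		}
	}
	t, err := strconv.ParseInt(ts, 10, 64)
	if err != nil || len(sigs) == 0 {
		return fmt.Errorf("%w: malformed signature header", errRejected)
	}
	if d := now.Sub(time.Unix(t, 0)); d > tolerance || d < -tolerance {
		return fmt.Errorf("%w: timestamp outside tolerance (replay)", errRejected)
	}
	mac := hmac.New(sha256.New, []byte(secret))
	mac.Write([]byte(ts + "."))
	mac.Write(payload)
	expected := mac.Sum(nil)
	for _, s := range sigs {
		if got, err := hex.DecodeString(s); err == nil && hmac.Equal(got, expected) {
			return nil
		}
	}
	return fmt.Errorf("%w: signature mismatch", errRejected)
}

type checkoutSession struct {
	ID                string `json:"id"`
	PaymentStatus     string `json:"payment_status"`
	ClientReferenceID string `json:"client_reference_id"` // assumed to carry the order ID
}

// recharge credits an order only when it belongs to the gateway that is calling back
// (Fix 3) and has not been fulfilled before. Returns the quota credited.
func recharge(orders map[string]*Order, orderID, callbackSource string) (int64, error) {
	o, ok := orders[orderID]
	if !ok {
		return 0, fmt.Errorf("%w: unknown order %q", errRejected, orderID)
	}
	if o.PaymentMethod != callbackSource {
		return 0, fmt.Errorf("%w: order method %q does not match callback source %q", errRejected, o.PaymentMethod, callbackSource)
	}
	if o.Status == "paid" {
		return 0, fmt.Errorf("%w: order %q already fulfilled", errRejected, orderID)
	}
	o.Status = "paid"
	return o.Quota, nil
}

// handleStripeWebhook runs the three checks in order: signature, payment_status (Fix 2), order/gateway match.
func handleStripeWebhook(secret, sigHeader string, body []byte, now time.Time, orders map[string]*Order) (int64, error) {
	if err := verifyStripeSignature(secret, sigHeader, body, now, 5*time.Minute); err != nil {
		return 0, err
	}
	var evt struct {
		Type string `json:"type"`
		Data struct {
			Object checkoutSession `json:"object"`
		} `json:"data"`
	}
	if err := json.Unmarshal(body, &evt); err != nil {
		return 0, fmt.Errorf("%w: bad JSON", errRejected)
	}
	if evt.Type != "checkout.session.completed" {
		return 0, nil // other event types are acknowledged but credit nothing
	}
	if evt.Data.Object.PaymentStatus != "paid" {
		return 0, fmt.Errorf("%w: payment_status is %q, not paid", errRejected, evt.Data.Object.PaymentStatus)
	}
	return recharge(orders, evt.Data.Object.ClientReferenceID, "stripe")
}

// signPayload produces the header Stripe's servers would send for a payload; used only to build test input.
func signPayload(secret string, payload []byte, now time.Time) string {
	ts := strconv.FormatInt(now.Unix(), 10)
	mac := hmac.New(sha256.New, []byte(secret))
	mac.Write([]byte(ts + "."))
	mac.Write(payload)
	return "t=" + ts + ",v1=" + hex.EncodeToString(mac.Sum(nil))
}
```

The deployment-level point to take from the example is that each check fails closed: a missing secret, a session that is not `paid`, and an order opened for a different gateway all return an error before any quota is written, and `errors.Is(err, errRejected)` lets the HTTP layer map every one of them to a 400 without revealing which check tripped.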
**Recommendations**
Update to version 0.12.10.
As a temporary workaround, set `StripeWebhookSecret` to any non-empty value in the admin panel.
If Stripe is not used, block access to the `/api/stripe/webhook` endpoint using a reverse proxy.