Star5O

**Name of the Vulnerable Software and Affected Versions** songquanpeng one-api versions prior to 0.6.11-preview.7 **Description** A business logic error exists in the Redemption Code Top-Up Endpoint. The issue is located within the `Redeem()` function of the `model/redemption.go` file. This flaw allows for remote attacks, although it requires a high level of complexity and is difficult to exploit. **Recommendations** At the moment, there is no information about a newer version that contains a fix for this vulnerability.