CVE-2025-6702

Name of the Vulnerable Software and Affected Versions: linlinjava litemall version 1.8.0

Description: A problematic issue was found in the software, affecting an unknown function of the file /wx/comment/post. The manipulation of the adminComment argument leads to improper authorization, allowing for remote attacks. The issue has been publicly disclosed.

Recommendations: For linlinjava litemall version 1.8.0, consider restricting access to the /wx/comment/post endpoint until a fix is available. As a temporary workaround, avoid using the adminComment argument in the affected endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this issue.