Vulnerability Summary CVE ID: CVE-2025-13115 Component: Order Details Handler (宏景商城集群订单详情处理) Affected Versions: Up to 1.0.3 Vulnerability Type: Improper Authorization (CWE-285) Impact: The exploit can lead to improper authorization, affecting confidentiality. Upgrade Information Fix Version Range: No information provided Documentation Link: Not mentioned Attack Vectors and Techniques ATT&CK Technique: T1548.002 Exploit Details Exploit Available: Yes Exploit Source: Available at github.com as proof-of-concept Remote Attack: Possible Vendor Response Vendor Contacted: Yes, but did not respond Mitigation and Countermeasures Suggested Mitigation: Replace the affected object with an alternative product Known Countermeasures: No information provided