CVE-2025-0739
CVE-2025-0739 affects EmbedAI 2.1 and earlier. The issue is an improper access control that allows an authenticated attacker to disclose subscription information of other users by altering the SUSCBRIPTION_ID parameter in the endpoint /demos/embedai/subscriptions/show/. Affected component: the /d...