Low severity2.6NVD Advisory· Published Sep 10, 2025· Updated Jun 17, 2026
CVE-2025-10216
CVE-2025-10216
Description
A vulnerability was detected in GrandNode up to 2.3.0. The impacted element is an unknown function of the file /checkout/ConfirmOrder/ of the component Voucher Handler. The manipulation of the argument giftvouchercouponcode results in race condition. The attack may be launched remotely. The attack requires a high level of complexity. The exploitability is regarded as difficult. The vendor was contacted early about this disclosure but did not respond in any way.
Affected products
1Patches
Vulnerability mechanics
References
3News mentions
0No linked articles in our index yet.