Incorrect access control in the component ApiOrderService.java of platform v1.0.0 allows attackers to access sensitive information via a crafted request.Referenceshttps://gitee.com/fuyang_lipengjun/platformhttps://gist.github.com/xueye0629/85730f2317cfac2796fe5e23da3ae399
