Early ICME 2025 Decision Exposed? fix needed 🛠️

river

Recently, someone surfaced (again) a method to query the decision status of a paper submission before the official release for ICME 2025. By sending requests to a specific API (https://cmt3.research.microsoft.com/api/odata/ICME2025/Submissions(Your_paper_id)) endpoint in the CMT system, one can see the submission status via a StatusId field, where 1 means pending, 2 indicates acceptance, and 3 indicates rejection.

This trick is not limited to ICME 2025. It appears that the same method can be applied to several other conferences, including: IJCAI, ICME, ICASSP, IJCNN and ICMR.

However, it is important to emphasize that using this technique violates the fairness and integrity of the peer-review process. Exploiting such a loophole undermines the confidentiality and impartiality that are essential to academic evaluations. This is a potential breach of academic ethics, and an official fix is needed to prevent abuse.

Below is a simplified Python script that demonstrates how this status monitoring might work. Warning: This code is provided solely for educational purposes to illustrate the vulnerability. It should not be used to bypass proper review procedures.

---

import requests
import time
import smtplib
from email.mime.text import MIMEText
from email.header import Header
import logging

# Configure logging
logging.basicConfig(
    level=logging.INFO,
    format='%(asctime)s - %(levelname)s - %(message)s',
    handlers=[
        logging.FileHandler("submission_monitor.log"),
        logging.StreamHandler()
    ]
)

# List of submission URLs to monitor (replace 'Your_paper_id' accordingly)
SUBMISSION_URLS = [
    "https://cmt3.research.microsoft.com/api/odata/ICME2025/Submissions(Your_paper_id)",
    "https://cmt3.research.microsoft.com/api/odata/ICME2025/Submissions(Your_paper_id)"
]

# Email configuration (replace with your actual details)
EMAIL_CONFIG = {
    "smtp_server": "smtp.qq.com",
    "smtp_port": 587,
    "sender": "your_email@example.com",
    "password": "your_email_password",
    "receiver": "recipient@example.com"
}

def get_status(url):
    """
    Check the submission status from the provided URL.
    Returns the status ID and a success flag.
    """
    try:
        headers = {
            'User-Agent': 'Mozilla/5.0',
            'Accept': 'application/json',
            'Referer': 'https://cmt3.research.microsoft.com/ICME2025/',
            # Insert your cookie here after logging in to CMT
            'Cookie': 'your_full_cookie'
        }
        response = requests.get(url, headers=headers, timeout=30)
        if response.status_code == 200:
            data = response.json()
            status_id = data.get("StatusId")
            logging.info(f"URL: {url}, StatusId: {status_id}")
            return status_id, True
        else:
            logging.error(f"Failed request. Status code: {response.status_code} for URL: {url}")
            return None, False
    except Exception as e:
        logging.error(f"Error while checking status for URL: {url} - {e}")
        return None, False

def send_notification(subject, message):
    """
    Send an email notification with the provided subject and message.
    """
    try:
        msg = MIMEText(message, 'plain', 'utf-8')
        msg['Subject'] = Header(subject, 'utf-8')
        msg['From'] = EMAIL_CONFIG["sender"]
        msg['To'] = EMAIL_CONFIG["receiver"]

        server = smtplib.SMTP(EMAIL_CONFIG["smtp_server"], EMAIL_CONFIG["smtp_port"])
        server.starttls()
        server.login(EMAIL_CONFIG["sender"], EMAIL_CONFIG["password"])
        server.sendmail(EMAIL_CONFIG["sender"], [EMAIL_CONFIG["receiver"]], msg.as_string())
        server.quit()
        logging.info(f"Email sent successfully: {subject}")
        return True
    except Exception as e:
        logging.error(f"Failed to send email: {e}")
        return False

def monitor_submissions():
    """
    Monitor the status of submissions continuously.
    """
    notified = set()
    logging.info("Starting submission monitoring...")

    while True:
        for url in SUBMISSION_URLS:
            if url in notified:
                continue

            status, success = get_status(url)
            if success and status is not None and status != 1:
                email_subject = f"Submission Update: {url}"
                email_message = f"New StatusId: {status}"
                if send_notification(email_subject, email_message):
                    notified.add(url)
                    logging.info(f"Notification sent for URL: {url} with StatusId: {status}")

        if all(url in notified for url in SUBMISSION_URLS):
            logging.info("All submission statuses updated. Ending monitoring.")
            break

        time.sleep(60)  # Wait for 60 seconds before checking again

if __name__ == "__main__":
    monitor_submissions()

---

Parting thoughts

While the discovery of this loophole may seem like an ingenious workaround, it is fundamentally unethical and a clear violation of the fairness expected in academic peer review. Exploiting such vulnerabilities not only compromises the integrity of the review process but also undermines the trust in scholarly communications.

We recommend the CMT system administrators to implement an official fix to close this gap. The academic community should prioritize fairness and the preservation of rigorous, unbiased review standards over any short-term gains that might come from exploiting such flaws.