← voltar
CVE-2022-39302

Ree6 may bypass webhook protection

CVSS 5.5 MEDIUMEPSS 0.4%CWE-863
Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protections. A specifically crafted log message could allow spamming and mass advertisements. This issue has been patched in version 1.9.9. There are currently no known workarounds.
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Produtos afetados
Ree6-Applications · Ree6

Quer saber se a sua infraestrutura está exposta a isto?

Falar com a TrueHacking →
Referências
https://github.com/Ree6-Applications/Ree6/commit/459b5bc24f0ea27e50031f563373926e94b9aa0ahttps://github.com/Ree6-Applications/Ree6/security/advisories/GHSA-v574-xgcf-5w8x