Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Privilege Escalation in Channelmgnt plug-in for Sopel
Vulnerability Description
In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2 includes 1.0.3 of channelmgnt, and thus is safe from this vulnerability. See referenced GHSA-23pc-4339-95vg.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
Vulnerability Type
授权机制不正确
Vulnerability Title
Sopel Channelmgnt 安全漏洞
Vulnerability Description
Sopel Channelmgnt是个人开发者的一个 Sopel 插件,Sepel 是一个使用Python编写的开源IRC实用程序机器人。 Sopel的Channelmgnt插件(Python IRC机器人)1.0.3之前版本存在安全漏洞,攻击者可利用该漏洞op/voice并接管频道。
CVSS Information
N/A
Vulnerability Type
N/A