Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Presence of non-blacklisted URL bypasses all other filters
Vulnerability Description
Python discord bot is the community bot for the Python Discord community. In affected versions when a non-blacklisted URL and an otherwise triggering filter token is included in the same message the token filter does not trigger. This means that by including any non-blacklisted URL moderation filters can be bypassed. This issue has been resolved in commit 67390298852513d13e0213870e50fb3cff1424e0
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Vulnerability Type
输入验证不恰当
Vulnerability Title
Python Utility Bot 安全漏洞
Vulnerability Description
Python Utility Bot是专为 Discord 社区开发的社区机器人。 Python Utility Bot 存在安全漏洞,该漏洞源于在受影响的版本中,当一个未列入黑名单的URL和一个触发过滤器令牌包含在同一消息中时,令牌过滤器不会触发。攻击者可利用该漏洞通过包括任何未列入黑名单的URL审核过滤器可以被绕过。
CVSS Information
N/A
Vulnerability Type
N/A