Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Ree6 may bypass webhook protection
Vulnerability Description
Ree6 is a moderation bot. This vulnerability would allow other server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another server as a target. This would mean you could send log messages to another Guild channel and bypass raid and webhook protections. A specifically crafted log message could allow spamming and mass advertisements. This issue has been patched in version 1.9.9. There are currently no known workarounds.
CVSS Information
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:L/I:L/A:L
Vulnerability Type
授权机制不正确
Vulnerability Title
Ree6 安全漏洞
Vulnerability Description
Ree6是Ree6开源的一个由 Presti 维护的一体化 Discord Bot。 Ree6 1.9.9之前版本存在安全漏洞,该漏洞源于跨服务器通道利用,攻击者利用该漏洞可以将服务器日志事件发送到另一个服务器通道,该通道可用于绕过突袭和垃圾邮件保护。
CVSS Information
N/A
Vulnerability Type
N/A