CVE-2025-71388
CVE-2025-71388 affects stoatchat (delta/Revolt) versions from 20241213-1 up to before 20250210-1. The issue stems from the webhook fetch endpoint checking ViewChannel (read) instead of ManageWebhooks, allowing users with only channel read permission to retrieve the channel’s webhooks and their to...