6 matches found
CVE-2026-47176
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...
Quest Bot 信息泄露漏洞
Quest Bot is a multi-functional Discord community management robot developed by Duck Organization. Versions of Quest Bot prior to 1.0.4 contained an information leakage vulnerability. This vulnerability stemmed from the logging feature not restricting channel access, allowing configured users to...
PT-2026-48715
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, a user who can configure bot settings can enable logging and choose a logging channel they can read. The bot then logs deleted and edited message contents from every channel it can...
Stored Cross Site Scripting (XSS)
starcitizentools/citizen-skin is vulnerable to Stored Cross Site Scripting XSS. The vulnerability is due to improper handling of system message content in the sticky header, where innerHTML is assigned from user-editable message text, which allows an attacker with interface message edit privilege...
EUVD-2022-52718
Malicious code in bioql PyPI...
thunderbird: Information Disclosure of /tmp directory listing
A flaw was found in Thunderbird. The Mozilla Foundation's Security Advisory describes the following issue: By crafting a malformed file name for an attachment in a multipart message, an attacker can trick Thunderbird into including a directory listing of /tmp when the message is forwarded or edit...