6 matches found
CVE-2025-46552
KHC-INVITATION-AUTOMATION is a GitHub automation script that automatically invites followers of a bot account to join your organization. In some commits on version 1.2, a vulnerability was identified where user data, including email addresses and Discord usernames, were exposed in API responses...
CVE-2025-46552 KHC-INVITATION-AUTOMATION Sensitive User Information Leakage in Invitation Automation
KHC-INVITATION-AUTOMATION is a GitHub automation script that automatically invites followers of a bot account to join your organization. In some commits on version 1.2, a vulnerability was identified where user data, including email addresses and Discord usernames, were exposed in API responses...
CVE-2025-46552 KHC-INVITATION-AUTOMATION Sensitive User Information Leakage in Invitation Automation
KHC-INVITATION-AUTOMATION is a GitHub automation script that automatically invites followers of a bot account to join your organization. In some commits on version 1.2, a vulnerability was identified where user data, including email addresses and Discord usernames, were exposed in API responses...
CVE-2025-46552 KHC-INVITATION-AUTOMATION Sensitive User Information Leakage in Invitation Automation
KHC-INVITATION-AUTOMATION is a GitHub automation script that automatically invites followers of a bot account to join your organization. In some commits on version 1.2, a vulnerability was identified where user data, including email addresses and Discord usernames, were exposed in API responses...
KHC-INVITATION-AUTOMATION 访问控制错误漏洞
KHC-INVITATION-AUTOMATION is an open source tool from Krypto Hashers to automatically invite GitHub followers to join your organization. An Access Control Error Vulnerability exists in KHC-INVITATION-AUTOMATION version 1.2, which stems from a lack of access control in the API response and could...
PT-2025-18213 · Unknown · Khc-Invitation-Automation
Name of the Vulnerable Software and Affected Versions: KHC-INVITATION-AUTOMATION version 1.2 Description: The issue concerns a GitHub automation script where user data, including email addresses and Discord usernames, were exposed in API responses without proper access controls. This allowed...