CVE-2023-22452 Improper Input Validation in kenny2automate

kenny2automate is a Discord bot. In the web interface for server settings, form elements were generated with Discord channel IDs as part of input names. Prior to commit a947d7c, no validation was performed to ensure that the channel IDs submitted actually belonged to the server being configured...

CVE-2023-22452

CVE-2023-22452 affects the Discord bot kenny2automate . The vulnerability is in the web interface for server settings where input names embedded Discord channel IDs, with no validation to confirm the IDs belong to the target server before commit a947d7c. This enables an attacker who has access to...

kenny2automate 输入验证错误漏洞

kenny2automate is a small Discord bot by the individual developers at AbyxDev. An input validation error vulnerability exists in previous versions of kenny2automate a947d7c, which stems from a failure to perform validation to ensure that the submitted channel ID actually belongs to the server bei...

PT-2023-18508 · Unknown · Kenny2Automate

Name of the Vulnerable Software and Affected Versions: kenny2automate versions prior to commit a947d7c Description: The issue concerns a Discord bot where form elements in the web interface for server settings were generated with Discord channel IDs as part of input names. No validation was...