CVE-2018-25092

A vulnerability was found in Vaerys-Dawn DiscordSailv2 up to 2.10.2. It has been declared as critical. Affected by this vulnerability is an unknown functionality of the component Command Mention Handler. The manipulation leads to improper access controls. Upgrading to version 2.10.3 is able to address this issue. The patch is named cc12e0be82a5d05d9f359ed8e56088f4f8b8eb69. It is recommended to upgrade the affected component. The associated identifier of this vulnerability is VDB-244483.
Configurations

Configuration 1 (hide)

cpe:2.3:a:vaerys-dawn:discordsailv2:*:*:*:*:*:*:*:*

History

21 Nov 2024, 04:03

Type Values Removed Values Added
References () https://github.com/Vaerys-Dawn/DiscordSailv2/commit/cc12e0be82a5d05d9f359ed8e56088f4f8b8eb69 - Patch () https://github.com/Vaerys-Dawn/DiscordSailv2/commit/cc12e0be82a5d05d9f359ed8e56088f4f8b8eb69 - Patch
References () https://github.com/Vaerys-Dawn/DiscordSailv2/releases/tag/2.10.3 - Release Notes () https://github.com/Vaerys-Dawn/DiscordSailv2/releases/tag/2.10.3 - Release Notes
References () https://vuldb.com/?ctiid.244483 - Permissions Required () https://vuldb.com/?ctiid.244483 - Permissions Required
References () https://vuldb.com/?id.244483 - Third Party Advisory () https://vuldb.com/?id.244483 - Third Party Advisory
CVSS v2 : 5.2
v3 : 9.8
v2 : 5.2
v3 : 5.5

29 Feb 2024, 01:23

Type Values Removed Values Added
New CVE

Information

Published : 2023-11-05 21:15

Updated : 2024-11-21 04:03


NVD link : CVE-2018-25092

Mitre link : CVE-2018-25092

CVE.ORG link : CVE-2018-25092


JSON object : View

Products Affected

vaerys-dawn

  • discordsailv2
CWE
CWE-284

Improper Access Control

NVD-CWE-Other