CVE-2023-39045

CVSS 3.1 Score 6.5 of 10 (medium)

Attack Complexity low
Confidentiality low
Integrity low
Availability none
Scope unchanged
Privileges Required none

Details

Published Sep 20, 2023
Updated: Sep 22, 2023

Summary

CVE-2023-39045 is a newly disclosed vulnerability affecting kokoroe_members, a popular Discord bot. The issue lies in Line 13.6.1 of the bot's code, where an information leak occurs. Hackers can exploit this flaw to obtain the channel access token, putting sensitive information at risk. Moreover, they can send crafted messages to manipulate conversations. This vulnerability underscores the importance of secure coding practices and regular software updates to mitigate potential threats.

Ligh bulbPrevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share