Safety vulnerability ID: 72135
The information on this page was manually curated by our Cybersecurity Intelligence Team.
A bug in Red's Core API affects the @commands.can_manage_channel() command permission check. This bug may authorize a user to execute a command even if they do not have the permissions to manage a channel, if additional permission controls are not in place. Core commands and core cogs are unaffected by this issue. At the time of this advisory, the maintainers are not aware of any public 3rd-party cogs utilizing this API. The following command permission checks are unaffected: @commands.mod_or_can_manage_channel(), @commands.admin_or_can_manage_channel(), and @commands.guildowner_or_can_manage_channel().
Latest version: 3.5.22
A highly customisable Discord bot
This vulnerability has no description
Scan your Python project for dependency vulnerabilities in two minutes
Scan your application