In the Channelmgnt plug-in for Sopel (a Python IRC bot) before version 1.0.3, malicious users are able to op/voice and take over a channel. This is an ACL bypass vulnerability. This plugin is bundled with MirahezeBot-Plugins with versions from 9.0.0 and less than 9.0.2 affected. Version 9.0.2 includes 1.0.3 of channelmgnt, and thus is safe from this vulnerability. See referenced GHSA-23pc-4339-95vg.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: GitHub_M
Published: 2020-10-13T17:15:17
Updated: 2024-08-04T13:08:23.235Z
Reserved: 2020-06-25T00:00:00
Link: CVE-2020-15251
Vulnrichment
No data.
NVD
Status : Analyzed
Published: 2020-10-13T18:15:12.780
Modified: 2021-11-18T16:58:22.267
Link: CVE-2020-15251
Redhat
No data.