Unrated severityNVD Advisory· Published May 20, 2021· Updated Aug 3, 2024

CSRF allowing modification of commands, modules, banphrases through hidden iFrames

CVE-2021-32632

Description

Pajbot is a Twitch chat bot. Pajbot versions prior to 1.52 are vulnerable to cross-site request forgery (CSRF). Hosters of the bot should upgrade to v1.52 or stable to install the patch or, as a workaround, can add one modern dependency.

Affected products

Pajbot/Pajbotv5
Range: < 1.52

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

gist.github.com/Melonify/d8e5d70cdc1bebb871f72dc79d69ac60mitrex_refsource_MISC
github.com/pajbot/pajbot/releases/tag/v1.52mitrex_refsource_MISC
github.com/pajbot/pajbot/security/advisories/GHSA-wmfr-qrg4-qc3hmitrex_refsource_CONFIRM

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000