Impact
This "Exploit" would allow other Server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another Server as target.This would mean you could send log messages to another Servers channel. This would allow you to send your servers Log event to another Servers channel, which can be used to bypass raid and spam protections incase of a specificly crafted Log-Message, which would allow mention spamming and mass advertisment.
Patches
This Issue has been patched in 1.9.9
Workarounds
There sadly is no workaround.
You will need to upgrade to a newer version!
References
Here is the commit fixing this Issue.
For more information
If you have any questions or comments about this advisory:
Impact
This "Exploit" would allow other Server owners to create configurations such as "Better-Audit-Logging" which contain a channel from another Server as target.This would mean you could send log messages to another Servers channel. This would allow you to send your servers Log event to another Servers channel, which can be used to bypass raid and spam protections incase of a specificly crafted Log-Message, which would allow mention spamming and mass advertisment.
Patches
This Issue has been patched in 1.9.9
Workarounds
There sadly is no workaround.
You will need to upgrade to a newer version!
References
Here is the commit fixing this Issue.
For more information
If you have any questions or comments about this advisory: