Dxssucuk

**Name of the Vulnerable Software and Affected Versions** Ree6 versions prior to 1.9.9 **Description** This issue allows other server owners to create configurations that contain a channel from another server as a target, enabling the sending of log messages to another Guild channel and bypassing raid and webhook protections. A specifically crafted log message could allow spamming and mass advertisements. **Recommendations** For versions prior to 1.9.9, update to version 1.9.9 to resolve the issue. As a temporary workaround, consider restricting the use of the "Better-Audit-Logging" configuration to minimize the risk of exploitation. Avoid using configurations that contain channels from other servers as targets until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** Ree6 versions prior to 1.7.0 **Description** This issue allows manipulation of SQL queries. The estimated number of potentially affected devices is not provided. There are no reported real-world incidents where this issue was exploited. The issue is related to SQL injection risk, which is mitigated by using Java's PreparedStatements. **Recommendations** For versions prior to 1.7.0, update to version 1.7.0 to resolve the issue by utilizing Java's PreparedStatements, which allow object setting without the risk of SQL injection.