Saalvage

**Name of the Vulnerable Software and Affected Versions** DisCatSharp versions 9.8.5 through 9.9.0 DisCatSharp versions prior to 9.9.1 and prior 10.0.0 prereleases **Description** DisCatSharp is a Discord API wrapper for .NET. Users of affected versions who have used either one of the two `RequireDisCatSharpDeveloperAttribute`s or the `BaseDiscordClient.LibraryDeveloperTeam` have potentially had their bot token sent to a web server not affiliated with Discord. This server is owned and operated by DisCatSharp's development team. The tokens were not logged, yet it is still advisable to reset the tokens of potentially affected bots. **Recommendations** For versions 9.8.5 through 9.9.0, update to version 9.9.1 or later to patch the issue. For prior 10.0.0 prereleases, update to the latest 10.0.0 prerelease to patch the issue. As a temporary workaround, consider removing all uses of the two `RequireDisCatSharpDeveloperAttribute`s and all direct calls to `BaseDiscordClient.LibraryDeveloperTeam` until a patch is available.