PT-2022-16923 · Unknown · Discatsharp

Saalvage · Published 2022-04-14 · Updated 2022-04-22 · CVE-2022-24849

CVSS v3.1: 6.5 (Medium)

Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions

DisCatSharp versions 9.8.5 through 9.9.0
DisCatSharp versions prior to 9.9.1 and prior 10.0.0 prereleases

Description

DisCatSharp is a Discord API wrapper for .NET. Users of affected versions who have used either one of the two RequireDisCatSharpDeveloperAttributes or the BaseDiscordClient.LibraryDeveloperTeam have potentially had their bot token sent to a web server not affiliated with Discord. This server is owned and operated by DisCatSharp's development team. The tokens were not logged, yet it is still advisable to reset the tokens of potentially affected bots.

Recommendations

For versions 9.8.5 through 9.9.0, update to version 9.9.1 or later to patch the issue. For prior 10.0.0 prereleases, update to the latest 10.0.0 prerelease to patch the issue. As a temporary workaround, consider removing all uses of the two RequireDisCatSharpDeveloperAttributes and all direct calls to BaseDiscordClient.LibraryDeveloperTeam until a patch is available.
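One way to check a bot's source tree against the versions and identifiers named above, as an added example (not code from DisCatSharp or from this advisory). It assumes PackageReference-style .csproj files, and the sample project it scans is constructed.

```python
import re, tempfile
from pathlib import Path

# Identifiers named in the advisory. Substring matching is an assumption made
# here so that both attributes match with or without the C# "Attribute" suffix.
RISKY = re.compile(r"RequireDisCatSharpDeveloper|LibraryDeveloperTeam")
# Assumes the common <PackageReference Include="..." Version="..."/> form.
PKG = re.compile(r'<PackageReference\s+Include="(DisCatSharp[\w.]*)"\s+Version="([^"]+)"', re.I)

def classify(version):
    """Map a package version onto the ranges stated in the advisory."""
    core, _, pre = version.partition("-")
    try:
        nums = (tuple(int(p) for p in core.split(".")) + (0, 0))[:3]
    except ValueError:
        return "unknown"  # floating or ranged version, resolve it by hand
    if (9, 8, 5) <= nums <= (9, 9, 0):
        return "affected"
    if nums == (10, 0, 0) and pre:
        return "prerelease"  # advisory: move to the latest 10.0.0 prerelease
    return "not listed"

def scan(root):
    """Return (package findings, source usages) for a project tree."""
    packages, usages = [], []
    for path in sorted(Path(root).rglob("*")):
        if path.suffix not in {".csproj", ".cs"}:
            continue
        text = path.read_text(encoding="utf-8", errors="replace")
        if path.suffix == ".csproj":
            packages += [(path.name, n, v, classify(v)) for n, v in PKG.findall(text)]
        else:
            usages += [(path.name, i, line.strip())
                       for i, line in enumerate(text.splitlines(), 1) if RISKY.search(line)]
    return packages, usages

def demo():
    """Scan a constructed sample project (not taken from any real bot)."""
    with tempfile.TemporaryDirectory() as d:
        Path(d, "Bot.csproj").write_text(
            '<Project><ItemGroup><PackageReference Include="DisCatSharp" '
            'Version="9.8.6" /></ItemGroup></Project>\n')
        Path(d, "Admin.cs").write_text(
            "[RequireDisCatSharpDeveloper]\n"
            "public async Task Ping(CommandContext ctx) { }\n"
            "var team = client.LibraryDeveloperTeam;\n")
        return scan(d)

if __name__ == "__main__": print(*sum(demo(), []), sep="\n")
```

A bot that shows both an "affected" package and at least one usage line falls under the token-reset advice in the description.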

Exploit

Fix

Information Disclosure


Weakness Enumeration

Related Identifiers

CVE-2022-24849
GHSA-FRXG-HF44-Q765

Affected Products

Discatsharp