Impact
Bot token is publicly exposed in main.py, making it accessible to malicious actors.
Patches
Bot token has been revoked and new version is already running on server.
Code will be updated at a later date to reflect this.
Update (1/21/2022)
Patch is part of 0.0.6-a5b15fb.
Workarounds
None
References
GitHub Issue
Fix
For more information
If you have any questions or comments about this advisory:
Impact
Bot token is publicly exposed in main.py, making it accessible to malicious actors.
Patches
Bot token has been revoked and new version is already running on server.
Code will be updated at a later date to reflect this.
Update (1/21/2022)
Patch is part of 0.0.6-a5b15fb.
Workarounds
None
References
GitHub Issue
Fix
For more information
If you have any questions or comments about this advisory: