This repository was archived by the owner on Dec 30, 2022. It is now read-only.
API giving out files without key
Package
website.py
(Quart)
Affected versions
<=1.0.1
Patched versions
1.0.2
Impact
This security risk allowed people who have your API url to get product files without a API key
Patches
Update to version 1.0.2
Workarounds
In
BOT/lib/cogs/website.pyunder the route for/v1/productsadd@require_apikeyFor more information
If you have any questions or comments about this advisory: