Vulnerabilities > Probot

DATE CVE VULNERABILITY TITLE RISK
2023-12-15 CVE-2023-50728 octokit/webhooks is a GitHub webhook events toolset for Node.js.
network
low complexity
octokit probot
7.5
2021-02-09 CVE-2021-26918 Unrestricted Upload of File with Dangerous Type vulnerability in Probot BOT 20210208
The ProBot bot through 2021-02-08 for Discord might allow attackers to interfere with the intended purpose of the "Send an image when a user joins the server" feature (or possibly have unspecified other impact) because the uploader web service allows double extensions (such as .html.jpg) with the text/html content type.
network
low complexity
probot CWE-434
critical
9.8