Security Advisory

CVE-2021-41191

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2021-10-27 20:30:11

Last updated 2024-08-04 03:08:31

Assigner GitHub_M

State PUBLISHED

Description

Roblox-Purchasing-Hub is an open source Roblox product purchasing hub. A security risk in versions 1.0.1 and prior allowed people who have someones API URL to get product files without an API key. This issue is fixed in version 1.0.2. As a workaround, add `@require_apikey` in `BOT/lib/cogs/website.py` under the route for `/v1/products`.

← Browse all CVEs View on cve.org ↗