Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') Affecting cocotais-bot package, versions >=1.5.0-test2-hotfix <1.6.2
Threat Intelligence
Snyk has a proof-of-concept or detailed explanation of how to exploit this vulnerability.
The probability is the direct output of the EPSS model, and conveys an overall sense of the threat of exploitation in the wild. The percentile measures the EPSS probability relative to all known EPSS scores. Note: This data is updated daily, relying on the latest available EPSS model version. Check out the EPSS documentation for more details.
Do your applications use this vulnerable package?
In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applications- Snyk IDSNYK-JS-COCOTAISBOT-10185779
- published20 May 2025
- disclosed17 May 2025
- creditUnknown
Introduced: 17 May 2025
NewCVE-2025-47948 (opens in a new tab)How to fix?
Upgrade cocotais-bot to version 1.6.2 or higher.
Overview
cocotais-bot is a 基于 qq-bot-sdk 实现的的QQ官方机器人框架
Affected versions of this package are vulnerable to Improper Neutralization of Special Elements in Output Used by a Downstream Component ('Injection') through the command echoing feature. An attacker can trigger privileged behavior and bypass permission controls by injecting special platform tags.
PoC
- Set up a chatbot using the affected framework.
- Join the chat that includes the bot as a regular user with no permission to use @everyone.
- Send the following message in the chat:
/echo
The bot will respond by repeating the message, and the platform will interpret as an @everyone mention. All the chat members receive a notification, despite the user lacking that permission.