Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Network-reachable REST endpoint (AV:N/AC:L) abusable by any authenticated read-only member (PR:L, no UI); token disclosure gives C:H and impersonated posting gives I:H, with no availability impact.
Primary rating from Vendor (VulnCheck).
CVSS VectorVendor: VulnCheck
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
3DescriptionCVE.org
stoatchat (delta/Revolt) versions from 20241213-1 before 20250210-1 allow users with only ViewChannel (read) permission on a channel to fetch that channel's webhooks, including their tokens, because the webhook fetch endpoint checked for ViewChannel instead of ManageWebhooks. Using a retrieved token, an attacker can send arbitrary messages to the channel, bypassing channel permissions and impersonating a bot or webhook. Fixed in 20250210-1 (0.8.2).
AnalysisAI
Webhook token disclosure in stoatchat (the Rust 'delta' backend of the Revolt/stoatchat platform) lets any channel member holding only ViewChannel (read) permission enumerate a channel's webhooks and read their secret tokens. Because a retrieved token authorizes posting, the attacker can then inject arbitrary messages while impersonating a bot or webhook, bypassing the channel's ManageWebhooks and posting permissions. Reported by VulnCheck and fixed in 20250210-1 (0.8.2); no public exploit identified at time of analysis.
Technical ContextAI
stoatchat is the current name for the delta/Revolt self-hosted chat platform; the flaw is in the delta backend's REST route crates/delta/src/routes/channels/webhook_fetch_all.rs. The endpoint enforced the wrong authorization predicate, calling throw_if_lacking_channel_permission(ChannelPermission::ViewChannel) instead of ChannelPermission::ManageWebhooks. This is a textbook CWE-639 (Authorization Bypass Through User-Controlled Key / improper object-level authorization): a privileged resource (the webhook object, which embeds a bearer-style token) is exposed to any principal who can merely view the channel. Webhook tokens in this model are capability secrets - possession alone grants message-send rights - so leaking them collapses the separation between read and write permissions.
RemediationAI
Vendor-released patch: upgrade to stoatchat 20250210-1 (0.8.2) or later, which corrects the permission check to require ManageWebhooks (fix commit https://github.com/stoatchat/stoatchat/commit/e3723d647effb81ea3d3919d848faf64dbe89829, advisory https://github.com/stoatchat/stoatchat/security/advisories/GHSA-8684-rvfj-v3jq). Because any exposed token is a durable secret, patching alone is insufficient: after upgrading, rotate/regenerate all webhook tokens for channels that had readers who could have called the fetch endpoint, since previously leaked tokens remain valid. As an interim control on unpatched instances, minimize or remove ViewChannel grants on channels that host webhooks and audit which webhooks exist on sensitive channels; the trade-off is reduced read access for ordinary members. Monitor message metadata for unexpected webhook/bot posts to detect abuse of already-leaked tokens.
Server-side request forgery in stoatchat before 0.13.5 allows remote unauthenticated attackers to coerce the server into
Denial of service in stoatchat (delta) versions before 20250210-1 (0.8.2) lets a remote unauthenticated attacker exhaust
Server-side request forgery in Stoatchat before 0.14.0 lets unauthenticated, network-accessible attackers reach internal
Same technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2025-210476
GHSA-9hv3-3cv6-jrx3