Severity by source
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
AC:H reflects the dual prerequisite - bot must hold @everyone permission while the moderating user explicitly does not; PR:L requires a moderator account; no confidentiality or availability impact applies.
Primary rating from Vendor (GitHub_M).
CVSS VectorVendor: GitHub_M
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:N/VI:L/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Lifecycle Timeline
2DescriptionCVE.org
Quest Bot is an opensource modern Discord Bot built for moderation, utilities and support. Prior to version 1.0.4, several moderation commands echo user-controlled reason text in public bot replies without disabling mention parsing. A moderator who does not have permission to mention everyone can still make the bot send @everyone or @here if the bot has that permission. This issue has been patched in version 1.0.4.
AnalysisAI
Quest Bot (Discord moderation bot) prior to v1.0.4 allows low-privileged moderators to leverage the bot's elevated Discord mention permissions to send @everyone or @here notifications they are not themselves permitted to send. Moderation commands that echo user-supplied reason text in public channel replies do not suppress Discord's mention parser, creating a permission boundary bypass within the Discord API privilege model. No public exploit code exists and no active exploitation has been confirmed, though the conditions for abuse are operationally common in Discord servers where bots hold mention permissions above their moderating users.
Technical ContextAI
The root cause is CWE-116 (Improper Encoding or Escaping of Output). Discord's bot API supports an allowed_mentions parameter that explicitly controls whether @everyone, @here, and role/user mentions are parsed in a message payload. When a bot omits or misconfigures this parameter, Discord defaults to honoring all mentions present in the message text - using the bot's own permission set, not the invoking user's. Quest Bot's moderation commands (ban, warn, kick, etc.) construct reply strings that include the operator-supplied reason field verbatim, without sanitizing or neutralizing Discord mention tokens. The affected CPE is cpe:2.3:a:duck-organization:quest-bot:*:*:*:*:*:*:*:*, covering all versions prior to 1.0.4. The CVSS 4.0 vector AT:P reflects the prerequisite attack requirement that the bot holds @everyone or @here permission in the guild.
RemediationAI
Vendor-released patch: Quest Bot v1.0.4. Server operators running any prior version should update to v1.0.4 immediately, available at https://github.com/duck-organization/questbot/releases/tag/questbot-v1.0.4. The fix likely involves passing a restrictive allowed_mentions object (with parse set to an empty array or explicitly excluding everyone and roles) in all bot reply payloads that echo user-supplied text. As a compensating control prior to patching, Discord guild administrators can revoke the bot's @everyone and @here mention permission in Server Settings > Roles or channel overrides - this prevents the privilege bypass without disabling moderation functionality, though it may affect legitimate bot announcements. Alternatively, restricting the moderator role to trusted users limits the attack surface but does not eliminate the vulnerability.
Mass mention abuse in Quest Bot (open-source Discord moderation/utility bot) before version 1.0.3 allows any normal Disc
Cross-tenant AutoMod rule deletion in Quest Bot (Discord bot) prior to 1.0.5 lets a user with Manage Server permission i
Privilege escalation in Quest Bot (open-source Discord moderation bot) prior to version 1.0.3 allows a user holding only
Privilege escalation in Quest Bot Discord bot versions prior to 1.0.1 allows any guild member with slash-command access
Unsanitized output in Quest Bot's ticket creation workflow allows any unprivileged Discord server member to inject @ever
Ticket transcript redirection in Quest Bot (prior to v1.0.4) allows a privileged user with bot settings access to config
Quest Bot, an open-source Discord moderation/utility bot, exposes private channel message contents to privileged users w
Unsanitized reason text in Quest Bot's /unban and /unwarn Discord commands enables authenticated moderators to trigger m
Same weakness CWE-116 – Improper Encoding or Escaping of Output
View allSame technique Information Disclosure
View allShare
External POC / Exploit Code
Leaving vuln.today
EUVD-2026-36275