CVE-2020-5302 – unprivileged user can access priviledged action in MH-WikiBot

https://notcve.org/view.php?id=CVE-2020-5302

07 Apr 2020 — MH-WikiBot (an IRC Bot for interacting with the Miraheze API), had a bug that allowed any unprivileged user to access the steward commands on the IRC interface by impersonating the Nickname used by a privileged user as no check was made to see if they were logged in. The issue has been fixed in commit 23d9d5b0a59667a5d6816fdabb960b537a5f9ed1. MH-WikiBot (un IRC Bot para interactuar con la API Miraheze), presenta un bug que permitía a cualquier usuario no privilegiado acceder a los comandos de administrador ... • https://github.com/examknow/MH-WikiBot/compare/2eac90d...1a62da1 • CWE-269: Improper Privilege Management CWE-284: Improper Access Control •