[原文]MUTE 0.4 uses improper flood protection algorithms, which allows remote attackers to obtain sensitive information (privacy leak and search result data) by controlling a drop chain neighbor that is near the end of a message chain.
MUTE contains an issue that may theoretically lead to an unauthorized information disclosure. The issue is triggered when a malicious attacker controls two neighboring nodes. The one neighbor sends a fake request with a high UC to force a DROP_CHAIN, while the other neighbor is the first node on the DROP_CHAIN, which will disclose search result information resulting in a loss of confidentiality.
While this issue is not known to be exploitable, an upgrade to version 0.4.1 or higher as best practice is recommended, as it has been reported to fix this issue. An upgrade is required as there are no known workarounds.