"GitHub Apps access suspended installations" vulnerability
Posted: Fri Nov 01, 2024 4:21 am
The "GitHub Apps access suspended installations" vulnerability allows certain GitHub Apps to interact with suspended installations using scoped tokens, bypassing intended restrictions. This flaw risks unauthorized access to sensitive information, potentially compromising project security and data integrity.
https://hackerone.com/reports/2484635