Back to directory
WRITEUP #2948

Stealing a few more GitHub Actions secrets

Logic BugLogic flaw
by@not_aardvark(Teddy Katz)
Bounty
7,500
Program
GitHub
Published
Feb 23, 2022
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://blog.teddykatz.com/2022/02/23/ghosts-of-branches-past.html
RELATED WRITEUPS
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
“Like” Bypass on Customer Reviews — €500 bounty
Logic BugLogic flaw
Interesting Business Logic Error leads to Pre-Account Takeover via Verification bypass on GoogleVRP
Auth BypassAccount takeover

Built with ❤️ by Shubham Rawat