Back to directory
WRITEUP #3419

GitHub Actions check-spelling community workflow - GITHUB_TOKEN leakage via advice.txt symlink

Logic BugLogic flawInformation disclosure
by@justinsteven(Justin Steven)
Program
GitHub
Published
Sep 8, 2021
Added to HackDex
Sep 15, 2022
Read Full Writeuphttps://github.com/justinsteven/advisories/blob/master/2021_github_actions_checkspelling_token_leak_via_advice_symlink.md
RELATED WRITEUPS
Logic Flaw: I Can Block You from Accessing Your Own Account
Logic BugLogic flaw
“Like” Bypass on Customer Reviews — €500 bounty
Logic BugLogic flaw
P3 (Medium) : How I Gain Access To NASA's Internal Workspace?!
ReconInformation disclosure
How I Got Bugs From Google Dorks
ReconInformation disclosure
How I can easily get four P1 at NASA using Simple Google Dorking.
ReconInformation disclosure

Built with ❤️ by Shubham Rawat