CVE-2021-29642
CVE-2021-29642 affects GistPad prior to 0.2.7. A crafted workspace folder can alter the URL used for the Gist API, leading to leakage of GitHub access tokens. Product: GistPad (VS Code extension). Root cause: workspace folder URL manipulation enables token exposure. Impact: leakage of GitHub acce...