2 matches found
CVE-2023-51379
The CVE-2023-51379 issue concerns GitHub Enterprise Server where an incorrect authorization flaw allowed updating issue comments using an improperly scoped token. Affected products are GitHub Enterprise Server (versions 3.7 through 3.17.18, 3.8.x until 3.8.11, 3.9.x until 3.9.6, 3.10.x until 3.10...
GitHub: [PATs] Token with Read-Only permissions on Issues able to modify issue comments using content write permission
An incorrect authorization vulnerability was identified in GitHub Enterprise Server that allowed issue comments to be updated with an improperly scoped token...