CVE-2023-34111 Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

CVE-2023-34111 Command Injection Vulnerability in `Release PR Merged` Workflow in taosdata/grafanaplugin

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

CVE-2023-34111

The Release PR Merged workflow in the github repo taosdata/grafanaplugin is subject to a command injection vulnerability which allows for arbitrary code execution within the github action context due to the insecure usage of $ github.event.pullrequest.title in a bash command within the GitHub...

PT-2023-24683 · Unknown · Taosdata/Grafanaplugin

Name of the Vulnerable Software and Affected Versions: taosdata/grafanaplugin affected versions not specified Description: The issue concerns a command injection vulnerability in the Release PR Merged workflow. This vulnerability allows for arbitrary code execution within the GitHub action contex...