CVE-2020-36762
CVE-2020-36762 affects the ONS Digital RAS Collection Instrument up to version 2.0.27. The root cause is a command-injection vulnerability in the function jobs of the file .github/workflows/comment.yml , caused by manipulation of the argument $COMMENT_BODY . This leads to OS command execution. Th...