EPSS
Percentile
25.1%
github.com/concourse/concourse is vulnerable to authorization bypasses. A malicious user is able to send a request with a body including :team_name=team2 to bypass team scope check and gain access to certain resources belong to any other team.
:team_name=team2
github.com/advisories/GHSA-5jp2-vwrj-99rf
github.com/concourse/concourse/commit/41882773f17cbd210a1c2272d65c643ab912f9f6
github.com/concourse/concourse/commit/a57d451a31f64a0399835870f614fc9e387ae9e9
github.com/concourse/concourse/pull/8566