View Repo and Title of Any Private Check Run vulnerability
Posted: Tue Nov 05, 2024 6:13 am
This vulnerability allows unauthorized users to view details about private check runs, potentially exposing repository information and titles that are intended to be confidential. This exposure could compromise sensitive project data and provide insight into workflows that should remain private. Proper access controls and authorization checks are necessary to mitigate this issue.
https://hackerone.com/reports/2210179
https://hackerone.com/reports/2210179