|
|
|
|
|
|
by afitnerd
455 days ago
|
|
|
Thanks for this writeup! It seems like #1 was the real weakness. Have you identified how the attacker was able to get write access to tj-actions/changed-files? Did this discovery result in any changes to how people can contribute to the project? |
|
|