The flaw allows an unauthenticated attacker to craft a GitHub Issue in an org's public repository and then silently pull data from its private repos, too.
The flaw allows an unauthenticated attacker to craft a GitHub Issue in an org's public repository and then silently pull data from its private repos, too.
Read the original article at Dark Reading: https://www.darkreading.com/cyber-risk/gitlost-leaks-private-data-github-agentic-workflows