Open aydinnyunus opened 5 months ago
Hmm thank you, but this is all a server side process so I'm not sure how the URL tokens would then be accessed by an end user, but I will look at validation nevertheless. Is there a recommended way to do this?
Hi,
I am not sure about the input part; this is why I use "Possible" in the title. If there is any doubt, you can use URL parsing libraries to get the domain part and check that the domain is whatever you need.
Vulnerability Description: The vulnerability allows attackers to bypass security checks and obtain GitHub tokens of users by spoofing GitHub URLs. The vulnerability lies in the code snippet provided:
The code appears to handle messages containing URLs starting with "https://github.com". However, it lacks proper validation to ensure that the URL belongs to GitHub and is not spoofed.
Impact:
Recommendations for Mitigation:
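As an added example (not code from the issue or the project), here is the prefix-only check the report describes beside the host comparison the reporter recommends, implemented with Python's urllib.parse and run over constructed sample URLs:

```python
from urllib.parse import urlsplit

# Constructed sample URLs (not taken from the issue), each paired with
# whether it should be accepted as a genuine GitHub URL.
SAMPLES = [
    ("https://github.com/octocat/hello-world", True),
    ("https://GitHub.com:443/octocat/hello-world", True),   # case/port only
    ("https://github.com.example.test/octocat", False),     # lookalike host
    ("https://github.com@example.test/octocat", False),     # userinfo in netloc
    ("http://github.com/octocat/hello-world", False),       # wrong scheme
    ("https://notgithub.com/octocat", False),
]


def naive_is_github(url: str) -> bool:
    """The prefix-only check the issue describes: accepts any string
    that merely begins with the GitHub origin text."""
    return url.startswith("https://github.com")


def strict_is_github(url: str) -> bool:
    """Parse the URL, then compare scheme and host exactly.
    urlsplit().hostname is lower-cased and has userinfo and port removed,
    so lookalike hosts and user@host tricks do not match."""
    try:
        parts = urlsplit(url)
    except ValueError:  # e.g. malformed IPv6 brackets
        return False
    return parts.scheme == "https" and parts.hostname == "github.com"


def mismatches(check) -> list:
    """URLs where the given check disagrees with the expected verdict."""
    return [url for url, expected in SAMPLES if check(url) != expected]


if __name__ == "__main__":
    print("naive check gets wrong:", mismatches(naive_is_github))
    print("strict check gets wrong:", mismatches(strict_is_github))
```

The hardened check only accepts an exact host; if subdomains such as api.github.com are also legitimate for the feature, compare against an explicit allowlist rather than using a suffix test.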