Bypassing Collaborator Restrictions: Retaining Admin Access Post-Repository Transfer
Medium
G
GitHub
Submitted None
Team Summary
Official summary from GitHub
A race condition in GitHub Enterprise Server allows an outside collaborator to be added while a repository is being transferred. This vulnerability affected all versions of GitHub Enterprise Server since 3.8 and was fixed in version 3.8.12, 3.9.7, 3.10.4, and 3.11.1.
Actions:
Reported by
inspector-ambitious
Report Details
Additional information and metadata
State
Closed
Substate
Resolved
Submitted
Weakness
Improper Access Control - Generic