The CSRF vulnerability exists in the GitHub v2.4.5 API. The attacker can submit a request to the victim to change the content on GitHub if they have access to the victim’s account on the repository.
Exploitation
Access the GitHub repository.
Go to Settings, then Authentication.
Click on Add access type and select GitHub.
Click on Sign in.
On the next page, click on the pencil icon on the top right, then on the Authorizations tab.
Select the team where the attacker has access to and click on the pencil icon again and then on the Revoke Authorizations tab.
Stored XSS vulnerability
This vulnerability only affects GitHub v2.4.5 API, so it would be a worthwhile target for hackers as it is easy to exploit and has a high rate of success.
The CSRF vulnerability allows the attacker to submit requests to GitHub if they have access to the victim's account on the repository. The attackers can request to change content on GitHub by creating a user with a username that matches the victim's username and changing its password. This means that an attacker could create their own account and then change content to whatever they want without the knowledge of their victim, which can lead to serious consequences for both the victim and their company (e.g., stolen data).
Another possible attack scenario is using XSS vulnerabilities in order to steal passwords from users or trick them into clicking on malicious links or opening malicious files. A company may not realize that their entire website is compromised until one day when they log into their site and see that all of their passwords are changed without them knowing it. If a hacker was able to find out which website was vulnerable and use XSS, they could gain access to private information such as emails, databases, etc.--information that is crucial for private individuals or companies (e.g., banking).
Timeline
Published on: 09/17/2022 20:15:00 UTC
Last modified on: 09/21/2022 06:22:00 UTC