writeups.xyz / From GitHub To Account Takeover: Misconfigured Actions Place GCP & AWS Accounts At Risk

Submitter : c2a

Date: 16 May 2023

Bounty : undisclosed

Vulnerabilities :

• Account Takeover
• Cloud
• OIDC
• CI/CD

Programs :

• Undisclosed

Authors :

• Rezonate

Link :
https://www.rezonate.io/blog/github-misconfigurations-put-gcp-aws-in-account-takeover-risk/