writeups.xyz / How we Abused Repository Webhooks to Access Internal CI Systems at Scale

Submitter : c2a

Date: 20 September 2022

Bounty : undisclosed

Vulnerabilities :

• CI/CD

Programs :

• Undisclosed

Authors :

• Omer Gil (@Omer_gil)
• Asi Greenholts (@TupleType)

Link :
https://www.cidersecurity.io/blog/research/how-we-abused-repository-webhooks-to-access-internal-ci-systems-at-scale/