Edit Github repo wikis in pidgin repository- Security Bug

Manikandan Rajakumar mani22test at gmail.com
Thu Jul 11 11:59:15 EDT 2019

Attacker can edit Github's repo wikis in  pidgin  repository.

Every organisation uses Github wiki as a description for the repository
associated with it.   pidgin   uses  repositories which allows attacker to
edit Wiki pages for their own attacking benefit.

*Proof of concept:*
1. Go to  pidgin  repository,
2. Click Edit the Wiki/ Create new page to create your malformed attack


Looking for your reply.

Manikandan Rajakumar
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <https://lists.pidgin.im/private/security/attachments/20190711/e2b02cb3/attachment.html>

More information about the security mailing list