Remote code execution and exfiltration of secret tokens by poisoning the mozilla/fxa CI build cache

Disclosed: 2024-01-20 02:43:11 By 0x90security To mozilla

Critical

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 2255750
State: Closed
Substate: resolved
Upvotes: 55

Share this report