CVE-2023-28430

Source
https://nvd.nist.gov/vuln/detail/CVE-2023-28430
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2023-28430.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2023-28430
Published
2023-03-27T22:15:22Z
Modified
2025-01-15T04:49:43.277447Z
Severity
  • 8.1 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:N
Summary
[none]
Details

OneSignal is an email, SMS, push notification, and in-app message service for mobile apps. The Zapier.yml workflow is triggered on issues (types: [closed]), i.e. when an issue is closed. The workflow starts with a GitHub repository token that has full write permissions, because the default workflow permissions at the organization/repository level are set to read-write. The workflow runs a step with data controlled by the issue author (${{ github.event.issue.title }}, the full title of the issue), allowing an attacker to take over the GitHub Runner and run custom commands, potentially stealing any secret the workflow uses, or altering the repository. This issue was found with CodeQL using the JavaScript "Expression injection in Actions" query. It has been addressed in the repository's GitHub Action; no action is required by users. This issue is also tracked as GHSL-2023-051.
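As an added check for the pattern described above (example code, not OneSignal's workflow or the CodeQL query): it flags ${{ github.event.* }} expressions that land inside a run: script, and carries a constructed vulnerable workflow beside its hardened form, which passes the title through env: and drops the token to read-only. The scanner is a line-based heuristic that assumes conventional two-space YAML indentation.

```python
import re
# Event fields whose text is chosen by whoever opened the issue or PR.
UNTRUSTED = re.compile(
    r"\$\{\{\s*github\.event\.(issue|pull_request|comment|review)\.[\w.]+\s*\}\}")
def find_injections(workflow: str) -> list[tuple[int, str]]:
    """Report untrusted ${{ }} expressions inside a `run:` script, where the
    runner pastes the value into the shell source before it is parsed. The
    same expression under `env:` reaches the shell as a variable, not as code."""
    findings, in_run, run_indent = [], False, 0
    for no, line in enumerate(workflow.splitlines(), 1):
        stripped = line.lstrip()
        indent = len(line) - len(stripped)
        if in_run and stripped and indent <= run_indent:
            in_run = False                          # left the run: block
        if re.match(r"(- )?run:", stripped):
            in_run = True
            run_indent = indent + (2 if stripped.startswith("- ") else 0)
        if in_run:
            findings += [(no, m.group(0)) for m in UNTRUSTED.finditer(line)]
    return findings

# Constructed stand-ins for the pattern the advisory describes (not the real Zapier.yml).
VULNERABLE = """\
on:
  issues:
    types: [closed]
jobs:
  notify:
    runs-on: ubuntu-latest
    steps:
      - run: |
          echo "Closed: ${{ github.event.issue.title }}"
"""
HARDENED = """\
on:
  issues:
    types: [closed]
permissions:
  contents: read          # override the read-write default the advisory mentions
jobs:
  notify:
    runs-on: ubuntu-latest
    steps:
      - env:
          ISSUE_TITLE: ${{ github.event.issue.title }}
        run: |
          echo "Closed: $ISSUE_TITLE"
"""
```

Running find_injections over VULNERABLE reports the echo line; over HARDENED it reports nothing, because the title only ever reaches the shell as the value of ISSUE_TITLE.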

References

Affected packages

Git / github.com/onesignal/react-native-onesignal

Affected ranges

Type
GIT
Repo
https://github.com/onesignal/react-native-onesignal
Events

Affected versions

1.*

1.1.9

3.*

3.1.0
3.1.1
3.1.2
3.1.3
3.1.4
3.2.0
3.2.1
3.2.10
3.2.11
3.2.12
3.2.13
3.2.14
3.2.2
3.2.3
3.2.4
3.2.5
3.2.6
3.2.7
3.2.8
3.2.9
3.3.0
3.3.1
3.3.2
3.3.3
3.4.0
3.4.1
3.4.2
3.5.0
3.6.0
3.6.1
3.6.2
3.6.3
3.6.4
3.6.5
3.7.0
3.7.1
3.7.2
3.7.3
3.8.0
3.8.1
3.9.0
3.9.1
3.9.2
3.9.3

4.*

4.0.0
4.0.1
4.0.2
4.0.3
4.0.4
4.0.5
4.0.6
4.0.7
4.0.8
4.1.0
4.1.1
4.3.0
4.3.1
4.3.10
4.3.11
4.3.2
4.3.3
4.3.4
4.3.5
4.3.6
4.3.7
4.3.8
4.3.9
4.4.0
4.4.1
4.5.0

v1.*

v1.0.2
v1.0.4
v1.0.5
v1.0.6
v1.0.7
v1.0.8
v1.0.9
v1.1.0
v1.1.1
v1.1.2
v1.1.3
v1.1.4
v1.1.5
v1.1.6
v1.1.7
v1.1.8
v1.1.9
v1.2.0
v1.2.1

v2.*

v2.0.0

v3.*

v3.0.0
v3.0.1
v3.0.2
v3.0.3
v3.0.4
v3.0.5
v3.0.6
v3.0.7
v3.0.8
v3.0.9