Code shack describes issue as ‘moderate’ security flaw, plans to disable risky commands gradually
Google’s bug-hunting Project Zero team has posted details of an injection vulnerability in GitHub Actions after refusing a request to postpone disclosure.…
Source:: TheRegister