@bureado identified that endpoints intended to be restricted to the github.com domain were accessible using the gist.github.com host. This allowed authentication cookies for Gist to be used to access functionality on GitHub.com. We addressed this issue by limiting the routing of requests made to the gist.github.com host.
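As an added illustration (not GitHub's own code), the following Rack-style Ruby middleware shows the kind of per-host route allowlisting the fix describes: paths that belong only to github.com are refused when the request arrives with the gist.github.com host, so a Gist-scoped session cannot reach them. The host names, the allowlist of Gist paths and the env keys are assumptions.

```ruby
# Added example, not GitHub's code: only a fixed allowlist of routes is served
# under the gist host, so a request carrying Gist session cookies cannot reach
# endpoints meant for github.com. Hosts, paths and env layout are assumptions.
class HostScopedRouter
  GIST_HOST = "gist.github.com".freeze
  MAIN_HOST = "github.com".freeze
  # Route prefixes that legitimately belong to the Gist host (constructed list).
  GIST_ROUTES = ["/", "/login", "/assets", "/gists"].freeze

  def initialize(app)
    @app = app
  end

  def call(env)
    host = env["HTTP_HOST"].to_s.downcase.split(":").first
    path = env["PATH_INFO"].to_s
    case host
    when MAIN_HOST
      @app.call(env)          # full application routing for github.com
    when GIST_HOST
      if gist_route?(path)
        @app.call(env)        # Gist-owned route, fine to serve
      else
        not_found             # refuse github.com-only paths on the gist host
      end
    else
      not_found               # unknown vhost: never fall through to the app
    end
  end

  private

  def gist_route?(path)
    GIST_ROUTES.any? { |p| path == p || path.start_with?("#{p}/") }
  end

  def not_found
    [404, { "content-type" => "text/plain" }, ["Not Found"]]
  end
end

# Downstream app stub (constructed): anything routed through returns 200.
APP = ->(env) { [200, {}, [env["PATH_INFO"]]] }
ROUTER = HostScopedRouter.new(APP)

# Returns the HTTP status the router produces for a given Host and path.
def route(host, path)
  ROUTER.call("HTTP_HOST" => host, "PATH_INFO" => path).first
end
```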

@bureado earned an additional 1000 points for donating their bounty to a great cause — Washington State Council of Fire Fighters (WSCFF) Burn Foundation. GitHub matches all bounties donated to 501(c)(3) organizations.