GitHub Gist is our service for sharing snippets of code or other text content. Gist is built on Ruby on Rails and leverages a number of Open Source technologies.
If you share the URL of a secret gist, anyone with access to the URL will be able to see it without authentication. This is an intentional feature.
|1||2000 pts Teddy Katz Insufficient token scope checks for Gist access via Git|
|2||500 pts Kamil Hismatullin Gist archive download content spoofing|
|3||500 pts Ershad Kunnakkadan Disclosure of Gist forks turned secret|
|4||400 pts Alex Suraci Gists deleted on web were still available via git operations|
|5||2000 pts José Miguel Parrella Improper restriction of Gist subdomain routing|