hohn/codeql
1
0
Fork 0
mirror of https://github.com/github/codeql.git synced 2026-04-30 11:15:13 +02:00
Code Issues Packages Projects Releases Wiki Activity

apply suggestion from doc review

Browse Source 
Co-authored-by: Steve Guntrip <12534592+stevecat@users.noreply.github.com>
This commit is contained in:
Erik Krogh Kristensen
2022-05-12 13:28:45 +02:00
committed by GitHub
parent 0c0e280637
commit fef4455ccc
1 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
javascript/ql/src/Security/CWE-094/ExpressionInjection.qhelp
View File

@@ -8,10 +8,10 @@
code injection in contexts like <i>run:</i> or <i>script:</i>.
</p>
<p>
Code injection in GitHub actions may allow an attacker to
Code injection in GitHub Actions may allow an attacker to
exfiltrate the temporary GitHub repository authorization token.
The token might have write access to the repository, and thus an attacker
might be able to use it to modify the repository.
The token might have write access to the repository, allowing an attacker
to use the token to make changes to the repository.
</p>
</overview>