Coordinated Disclosure Timeline
- 2024-10-10: Report sent to one of the maintainers by email.
- 2025-01-24: Public issue created.
- 2025-01-24: The report was re-sent to the email address advised in the issue.
- 2025-01-26: Receipt was confirmed.
- 2025-02-06: Asked for any updates. No reply.
- 2025-04-17: Asked for any updates. Received a response.
- 2025-04-17: Public pull request was made.
- 2025-04-17: The pull request was merged.
Summary
Ant-design-blazor is vulnerable to GitHub Actions expression injection, allowing an attacker to alter the repository and steal secrets.
Project
Ant-design-blazor
Tested Version
Latest changeset at the time of reporting.
Details
Code injection in preview-deploy.yml (GHSL-2024-276)
The preview-deploy.yml workflow is triggered on workflow_run when the “Preview Build” workflow, which itself runs on pull_request, completes. An attacker can send a Pull Request that changes the preview-build.yml workflow so that arbitrary content is stored in the pr-id.txt artifact. This artifact is later downloaded by preview-deploy.yml:
- name: download pr artifact
  uses: dawidd6/action-download-artifact@v2
  with:
    workflow: ${{ github.event.workflow_run.workflow_id }}
    name: pr
Then, it stores the artifact's contents in the steps.pr.outputs.id step output variable:
- name: save PR id
  id: pr
  run: echo "::set-output name=id::$(<pr-id.txt)"
Finally, the variable is interpolated into a run step:
- name: upload surge service
  id: deploy
  run: |
    export DEPLOY_DOMAIN=https://preview-${{ steps.pr.outputs.id }}-antblazor.surge.sh
    npx surge --project ./ --domain $DEPLOY_DOMAIN --token ${{ secrets.SURGE_TOKEN }}
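The safe pattern for this step, as an added example that is neither the project's code nor its merged fix: hand the artifact to the shell as data (a path or value provided via `env:`, not `${{ }}` interpolation inside `run:`) and accept only a PR number before building the domain. The function names and the sample artifact files below are constructed for illustration.

```shell
#!/bin/sh
# Added example (not code from the ant-design-blazor project): the input handling
# a `run:` step needs before an artifact-sourced value reaches a command line.
# Assumption: the workflow passes the artifact path to the step through `env:`
# (e.g. PR_ID_FILE), so nothing untrusted is spliced into the script by `${{ }}`.

# is_valid_pr_id: a PR id is a positive decimal integer and nothing else.
# Anything a tampered pr-id.txt could carry (newlines, `;`, `$(...)`, spaces)
# contains a non-digit and is rejected here before any command sees it.
is_valid_pr_id() {
  case "$1" in
    ''|*[!0-9]*) return 1 ;;      # empty, or at least one non-digit character
  esac
  [ "$1" -gt 0 ] 2>/dev/null      # "0" (and anything that fails -gt) is rejected
}

# deploy_domain_for: read the artifact file, validate, and print the preview
# domain built from the id. Fails (non-zero, no output) on rejected input, so
# a following `npx surge --domain "$DEPLOY_DOMAIN"` never runs with bad data.
deploy_domain_for() {
  id=$(cat "$1") || return 1      # command substitution strips trailing newlines only
  if ! is_valid_pr_id "$id"; then
    echo "refusing to deploy: pr-id artifact is not a PR number" >&2
    return 1
  fi
  printf 'https://preview-%s-antblazor.surge.sh\n' "$id"
}

# Constructed sample artifacts (not real workflow output) to exercise both paths.
tmp=$(mktemp -d)
printf '1234\n' > "$tmp/pr-id.txt"
printf '1234\n;echo tampered\n' > "$tmp/pr-id.tampered.txt"

# Genuine artifact: a usable domain is printed.
DEPLOY_DOMAIN=$(deploy_domain_for "$tmp/pr-id.txt") && echo "deploy to $DEPLOY_DOMAIN"
# Tampered artifact: validation fails and the deploy step is skipped.
deploy_domain_for "$tmp/pr-id.tampered.txt" || echo "deploy skipped" >&2

rm -rf "$tmp"
```

Because the id is read and checked inside the script rather than expanded into it by the Actions runner, a crafted artifact can at worst fail the step; it cannot change what the step executes.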
Impact
This issue may lead to theft of the workflow secret SURGE_TOKEN and to modification of the repository, because the workflow runs with full write permissions:
GITHUB_TOKEN Permissions
Actions: write
Attestations: write
Checks: write
Contents: write
Deployments: write
Discussions: write
Issues: write
Metadata: read
Packages: write
Pages: write
PullRequests: write
RepositoryProjects: write
SecurityEvents: write
Statuses: write
Resources
- CodeQL for JavaScript - Expression injection in Actions
- Keeping your GitHub Actions and workflows secure Part 2: Untrusted input
- Keeping your GitHub Actions and workflows secure Part 1: Preventing pwn requests
Credit
This issue was discovered and reported by GHSL team member @JarLob (Jaroslav Lobačevski).
Contact
You can contact the GHSL team at securitylab@github.com; please include a reference to GHSL-2024-276 in any communication regarding this issue.