CVE-2023-6804 — Improper privilege management allowed arbitrary workflows to be committed and run using an improperly scoped PAT. To exploit this, a workflow must have already existed in the target repo. This vulnera — CVE Database · The Intelligence Room