An exploit chain chained 4 vulnerabilities into a Remote Code Execution(RCE) on GitHub Enterprise. It also be rewarded for the Best Report in GitHub 3rd Bug Bounty Anniversary Promotion! The techniques here are old, but Ill show you just how powerful those old tricks can be! If you are interested in, you can check slides here: The slides covered even more powerful new approaches on SSRF and other techniques not included in this article. This article is a simple case study in my talk.”]
Source: https://blog.orange.tw/2017/07/how-i-chained-4-vulnerabilities-on.html