SAML User impersonation HTML injection Arbitrary pipeline execution CSRF / SSRF Merge request bypass Pages domain hijack Improper token revocation ../ Privilege escalation Emojis Leaky role permissions AI GraphQL Codeowners bypass Sensitive data exposure Maven dependency proxy OAuth / OIDC Banned users not actually banned CI/CD scheduling (Re)DoS Authn bypass CI/CD variable exposure Package registry SAML User impersonation HTML injection Arbitrary pipeline execution CSRF / SSRF Merge request bypass Pages domain hijack Improper token revocation ../ Privilege escalation Emojis Leaky role permissions AI GraphQL Codeowners bypass Sensitive data exposure Maven dependency proxy OAuth / OIDC Banned users not actually banned CI/CD scheduling (Re)DoS Authn bypass CI/CD variable exposure Package registry
(Print) Use this randomly generated list as your call list when playing the game. There is no need to say the BINGO column name. Place some kind of mark (like an X, a checkmark, a dot, tally mark, etc) on each cell as you announce it, to keep track. You can also cut out each item, place them in a bag and pull words from the bag.
SAML
User impersonation
HTML injection
Arbitrary pipeline execution
CSRF / SSRF
Merge request bypass
Pages domain hijack
Improper token revocation
../
Privilege escalation
Emojis
Leaky role permissions
AI
GraphQL
Codeowners bypass
Sensitive data exposure
Maven dependency proxy
OAuth / OIDC
Banned users not actually banned
CI/CD scheduling
(Re)DoS
Authn bypass
CI/CD variable exposure
Package registry