Arunstar

**Name of the Vulnerable Software and Affected Versions** FastGPT versions 4.14.8.3 and below **Description** FastGPT is an AI Agent building platform. The `fastgpt-preview-image.yml` workflow is susceptible to arbitrary code execution and secret exfiltration by any external contributor. The workflow utilizes `pull request target`, which operates with access to repository secrets, but it checks out code from the pull request author's fork. Subsequently, it builds and pushes Docker images using Dockerfiles controlled by the attacker. This also enables a supply chain attack through the production container registry. **Recommendations** Versions prior to 4.14.8.4 are affected. At the moment, there is no information about a newer version that contains a fix for this vulnerability.