2022-11-29 00:00:00
mitre
PUBLISHED
Insecure permissions in Chocolatey Azure-Pipelines-Agent package v2.211.1 and below grants all users in the Authenticated Users group write privileges for the subfolder C:agent and all files located in that folder.