I've found an interesting, but low severity, way for a malicious user to selectively deny access to specific GitHub issues and Pull Requests. This doesn't affect the whole site - just targeted pages. It doesn't require elevated permissions, nor any special skills. This is just GitHub punching itself in the face. Here's how it works. […] Read More