@gerritbot probably allows users to make arbitrary changes to Phabricator tasks by submitting crafted Gerrit changesets. I'm saying "probably" because I did not test it – I don't want to test in production and I don't know of any testing instances… I don't think this is a major issue, since the bot doesn't have access to anything special, but it could still cause disruption, so I'm filing this as a security bug.
In T139808#2462319, I noticed that a '+' in the commit message became a ' ', which probably means it's not percent-encoding the data it submits.
Unfortunately the documentation https://wikitech.wikimedia.org/wiki/Gerrit_Notification_Bot points to https://gerrit-review.googlesource.com/#/admin/projects/plugins/its-phabricator as source code, which is definitely not the code that we run. (It's the code that we ran two years ago or so; the comments it posts are different.) This also makes testing the issue locally somewhat more difficult, heh.
Assuming that it still works like that code, it submits parameters as JSON, which means that to set the title of task Tnnnn to 'herp' and the description to 'derp', you would submit a commit with the following commit message:
%22%2C%22title%22%3A%22herp%22%2C%22description%22%3A%22derp Bug: Tnnnn
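The following is an added illustration, not code from the report or from the bot itself (the report notes that the bot's actual source is unknown). It is a hypothetical reconstruction of the suspected defect: form-decoding the commit message (which also explains the '+' becoming ' ') and then splicing it into a JSON body by string concatenation, placed beside the hardened form that hands the text to a JSON serializer. The field name "comment", the two builder functions and the `injected_fields` check are assumptions made for the example; the message below is the report's own crafted string, with the report's 'Tnnnn' placeholder.

```python
import json
from urllib.parse import unquote_plus

# Constructed sample input: a commit message of the shape the report describes.
# 'Tnnnn' is the report's own placeholder, not a real task id.
CRAFTED_MESSAGE = (
    "%22%2C%22title%22%3A%22herp%22%2C%22description%22%3A%22derp Bug: Tnnnn"
)

# The only top-level field the (hypothetical) bot intends to send.
EXPECTED_FIELDS = {"comment"}


def build_request_naive(commit_message: str) -> str:
    """Hypothetical reconstruction of the suspected bug: the message is
    form-decoded ('+' becomes ' ', '%22' becomes '"') and then concatenated
    into a JSON document, so a quote in the message closes the string and the
    rest of the message is parsed as JSON syntax (extra keys)."""
    decoded = unquote_plus(commit_message)
    return '{"comment":"' + decoded + '"}'


def build_request_safe(commit_message: str) -> str:
    """Hardened form: the serializer escapes quotes and never reinterprets
    '%xx' or '+' sequences, so the message stays a single string value."""
    return json.dumps({"comment": commit_message})


def injected_fields(request_json: str) -> set:
    """Defensive check: any top-level field beyond EXPECTED_FIELDS means the
    commit message broke out of its string. Unparseable output is flagged too."""
    try:
        payload = json.loads(request_json)
    except json.JSONDecodeError:
        return {"<malformed>"}
    return set(payload) - EXPECTED_FIELDS


def decoded_as_form(text: str) -> str:
    """The symptom from T139808#2462319: form-decoding turns '+' into ' '."""
    return unquote_plus(text)


if __name__ == "__main__":
    for label, builder in (("naive", build_request_naive), ("safe", build_request_safe)):
        body = builder(CRAFTED_MESSAGE)
        print(f"{label}: {body}")
        print(f"  unexpected fields: {injected_fields(body) or 'none'}")
    print("'a+b' form-decoded ->", repr(decoded_as_form("a+b")))
```

Run as-is: the naive builder yields a body whose parsed keys include "title" and "description" (and the trailing "Bug: Tnnnn" ends up inside the description value), while the safe builder yields exactly one "comment" field containing the raw message. The `injected_fields` check is the kind of assertion a bot could apply to its own request before sending it.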