Cross-site Request Forgery (CSRF)

Overview @apollo/sandbox is a This repo hosts the source for Apollo Studio's Embeddable Sandbox Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via missing origin validation in the window.postMessage process. An attacker can execute unauthorized GraphQL queries...

Cross-site Request Forgery (CSRF)

Overview @apollo/explorer is a This repo hosts the source for Apollo Studio's Embeddable Explorer Affected versions of this package are vulnerable to Cross-site Request Forgery CSRF via missing origin validation in the window.postMessage process. An attacker can execute unauthorized GraphQL queri...

MAL-2025-47674 Malicious code in gatsby-plugin-apollo-onetrust (npm)

--- -= Per source details. Do not edit below this line.=-...

Apollo Studio Embeddable Explorer & Embeddable Sandbox 跨站请求伪造漏洞

Apollo Studio Embeddable Explorer & Embeddable Sandbox is an open source vectorization tool for Apollo GraphQL. A cross-site request forgery vulnerability exists in Apollo Studio Embeddable Explorer & Embeddable Sandbox, which stems from a lack of source validation when client code handles the...

Malicious code in node-sass-supercluster-izar-apollo (npm)

The package node-sass-supercluster-izar-apollo was found to contain malicious code...

MAL-2025-45045 Malicious code in lithosphere-eris-jwt-apollo (npm)

The package lithosphere-eris-jwt-apollo was found to contain malicious code...

MAL-2025-43482 Malicious code in apollo-palynology-hydrogeology-relay (npm)

The package apollo-palynology-hydrogeology-relay was found to contain malicious code...

MAL-2025-45335 Malicious code in node-sass-supercluster-izar-apollo (npm)

The package node-sass-supercluster-izar-apollo was found to contain malicious code...

Malicious code in lithosphere-eris-jwt-apollo (npm)

The package lithosphere-eris-jwt-apollo was found to contain malicious code...

MAL-2025-43480 Malicious code in apollo-development-eridanus-babel (npm)

The package apollo-development-eridanus-babel was found to contain malicious code...

Malicious code in apollo-development-eridanus-babel (npm)

The package apollo-development-eridanus-babel was found to contain malicious code...

Malicious code in rehype-phoenix-apollo-ceres (npm)

The package rehype-phoenix-apollo-ceres was found to contain malicious code...

Malicious code in deimos-epimetheus-apollo-fornax (npm)

The package deimos-epimetheus-apollo-fornax was found to contain malicious code...

MAL-2025-45790 Malicious code in rehype-phoenix-apollo-ceres (npm)

The package rehype-phoenix-apollo-ceres was found to contain malicious code...

Malicious code in apollo-nightwatch-xanadu-iota (npm)

The package apollo-nightwatch-xanadu-iota was found to contain malicious code...

Malicious code in rest-meteor-telesto-apollo (npm)

The package rest-meteor-telesto-apollo was found to contain malicious code...

MAL-2025-43481 Malicious code in apollo-nightwatch-xanadu-iota (npm)

The package apollo-nightwatch-xanadu-iota was found to contain malicious code...

MAL-2025-45822 Malicious code in rest-meteor-telesto-apollo (npm)

The package rest-meteor-telesto-apollo was found to contain malicious code...

Malicious code in apollo-palynology-hydrogeology-relay (npm)

The package apollo-palynology-hydrogeology-relay was found to contain malicious code...

MAL-2025-43951 Malicious code in deimos-epimetheus-apollo-fornax (npm)

The package deimos-epimetheus-apollo-fornax was found to contain malicious code...