CVE-2021-22863

An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker woul...

Improper access control

An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker woul...

CVE-2021-22863

CVE-2021-22863 is an improper access control vulnerability in GitHub Enterprise Server’s GraphQL API. It allowed authenticated users to modify the maintainer collaboration permission on a pull request, potentially exposing head branches of repos where they are a maintainer. Affected versions span...

CVE-2021-22863 Improper access control in GitHub Enterprise Server leading to unauthorized changes to maintainer permissions on pull requests

An improper access control vulnerability was identified in the GitHub Enterprise Server GraphQL API that allowed authenticated users of the instance to modify the maintainer collaboration permission of a pull request without proper authorization. By exploiting this vulnerability, an attacker woul...

PT-2021-15236 · Github · Github Enterprise Server

Name of the Vulnerable Software and Affected Versions: GitHub Enterprise Server versions 2.12.22 through 2.20.23 GitHub Enterprise Server versions 2.21.0 through 2.21.14 GitHub Enterprise Server versions 2.22.0 through 2.22.6 GitHub Enterprise Server versions 3.0.0 Description: An improper access...

Command Injection

Overview Affected versions of @graphql-tools/git-loader package are vulnerable to Command Injection. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection. Recommendation Upgrade to fix version 6.2.6 or later References - Snyk Advisory - CVE -...

Damn-Vulnerable-GraphQL-Application - Damn Vulnerable GraphQL Application Is An Intentionally Vulnerable Implementation Of Facebook's GraphQL Technology, To Learn And Practice GraphQL Security

Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security. About DVGA Damn Vulnerable GraphQL is a deliberately weak and insecure implementation of GraphQL that provides a safe environment to attack a...

Shopify: staffOrderNotificationSubscriptionCreate Is Not Blocked Entirely From Staff Member With Settings Permission

Hi, I found that the GraphQL call staffOrderNotificationSubscriptionCreate is not blocked from the staff member with Settings permission Steps to reproduce - Login as a staff member with Settings permission - Make this GraphQL call to...

CVE-2021-21027

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a cross-site request forgery CSRF vulnerability via the GraphQL API. Successful exploitation could lead to unauthorized modification of customer metadata by an unauthenticated attacker. Access to the...

CVE-2021-21027

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a cross-site request forgery CSRF vulnerability via the GraphQL API. Successful exploitation could lead to unauthorized modification of customer metadata by an unauthenticated attacker. Access to the...

Cross site request forgery (csrf)

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a cross-site request forgery CSRF vulnerability via the GraphQL API. Successful exploitation could lead to unauthorized modification of customer metadata by an unauthenticated attacker. Access to the...

CVE-2021-21027

CVE-2021-21027 is a Magento CSRF vulnerability affecting Magento Open Source/Commerce 2.x (2.4.1 and earlier, 2.4.0-p1 and earlier, 2.3.6 and earlier). It allows an unauthenticated attacker to trigger cross-site request forgery via the GraphQL API, potentially modifying customer metadata without ...

CVE-2021-21027 Magento Commerce Cross-Site Request Forgery (CSRF) Could Lead To Unauthorized Data Modification

Magento versions 2.4.1 and earlier, 2.4.0-p1 and earlier and 2.3.6 and earlier are affected by a cross-site request forgery CSRF vulnerability via the GraphQL API. Successful exploitation could lead to unauthorized modification of customer metadata by an unauthenticated attacker. Access to the...

PT-2021-2305 · Adobe · Magento

Name of the Vulnerable Software and Affected Versions: Magento versions 2.4.1 and earlier Magento versions 2.4.0-p1 and earlier Magento versions 2.3.6 and earlier Description: The issue is related to a cross-site request forgery CSRF vulnerability via the GraphQL API. Successful exploitation coul...

CVE-2021-23326

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...

FreeBSD : Gitlab -- Multiple vulnerabilities (66d1c277-652a-11eb-bb3f-001b217b3468)

Gitlab reports : Stored XSS in merge request Stored XSS in epic's pages Sensitive GraphQL variables exposed in structured log Guest user can see tag names in private projects Information disclosure via error message DNS rebinding protection bypass Validate existence of private project C Tenable...

Gitlab -- Multiple vulnerabilities

Gitlab reports: Stored XSS in merge request Stored XSS in epic's pages Sensitive GraphQL variables exposed in structured log Guest user can see tag names in private projects Information disclosure via error message DNS rebinding protection bypass Validate existence of private project...

Shopify: [h1-2102] [Yaworski's Broskis] Low privilege user can read POS PINs via graphql and elevate his privilege

Summary: A low privilege user both in the shop and in the POS can read POS PINs via graphql and elevate his privilege with a physical access to the POS. Steps To Reproduce: 1. Log in to your shop and install the POS app https://apps.shopify.com/shopify-pos 2. Log in Shopify Plus as an org owner a...

@corejam/base (>=0.0.1 <=0.0.2), @corejam/cli (>=0.0.1 <=0.0.5) +27 more potentially affected by CVE-2021-23326 via @graphql-tools/git-loader (>=6.0.0-alpha.1 <=6.2.6-alpha-9e1fc254.0)

@graphql-tools/git-loader NPM version =6.0.0-alpha.1, =0.0.1, =0.0.1, =0.0.1, =0.0.1, =6.0.15, =4.0.1-alpha-0a0f697.0, =4.0.1-alpha-0a0f697.0, =1.13.6-alpha-c74c7b7d.14, =0.0.0-canary.02a53c5, =0.0.1, =1.0.5, =0.0.24, =0.1.0, =1.29.0, =2.0.0-alpha.36 and more Source cves: CVE-2021-23326 Source...

Command Injection in @graphql-tools/git-loader

This affects the package @graphql-tools/git-loader before 6.2.6. The use of exec and execSync in packages/loaders/git/src/load-git.ts allows arbitrary command injection...