CVE-2020-15126

CVE-2020-15126 affects parse-server versions 3.5.0 through prior to 4.3.0. An authenticated user executing the viewer GraphQL query can bypass read security on his User object and bypass access to all objects linked via relations or pointers on that User object. The issue is an authorization bypa...

CVE-2020-6165

SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited...

CVE-2020-6165

SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited...

Default credentials

SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited...

CVE-2020-6165

SilverStripe 4.5.0 allows attackers to read certain records that should not have been placed into a result set. This affects silverstripe/recipe-cms. The automatic permission-checking mechanism in the silverstripe/graphql module does not provide complete protection against lists that are limited...

PT-2020-18975 · Silverstripe · Silverstripe

Name of the Vulnerable Software and Affected Versions: SilverStripe version 4.5.0 Description: The issue allows attackers to read certain records that should not have been placed into a result set. This is due to the automatic permission-checking mechanism in the silverstripe/graphql module not...

aiida-graphql (>=0.0.1 <=0.0.2), annhub-python (>=0.1.5 <=0.1.6) +31 more potentially affected by CVE-2020-7695 via uvicorn (>=0.10.0 <=0.11.5)

uvicorn PYPI version =0.10.0, =0.0.1, =0.1.5, =1.0.0, =22.70.0, =0.31.0, =0.0.14, =0.8.0, =2.0.0, =1.0.0a1, =0.0.2, =0.0.1a0, =0.0.1a1 and more Source cves: CVE-2020-7695 Source advisory: SNYK:PYTHON-UVICORN-570471...

Shopify: STAFF "No-Permissions" on the Store can retrieve the details Order via exchangeReceiptSend

I discovered a bug in an android mobile app that allowed STAFF No Permissions using Receipt Send to Mobile of any Order information in the Store. Steps to reproduce: 1 STAFF account is created and assigned "No Permissions" on a Shop by Owner/Admin 2 STAFF then login to shop. Notice that STAFF is...

InQL - A Burp Extension For GraphQL Security Testing

A security testing tool to facilitate GraphQL technology security auditing efforts. InQL can be used as a stand-alone script or as a Burp Suite extension. InQL Stand-Alone CLI Running inql from Python will issue an Introspection query to the target GraphQL endpoint in order fetch metadata...

Shopify: GraphQL AdminGenerateSessionPayload is leaked to staff with no permission

@hiffley reported the ability to generate app tokens via the adminGenerateSession mutation in Shopify Admin, as a staff member with no permissions. This allowed for accessing a small subset of installed apps that are using this new flow including Shopify Email. Access was limited to the current...

Reflected XSS in GraphQL Playground

Impact directly impacted: - [email protected] - all unsanitized user input for renderPlaygroundPage all of our consuming packages of graphql-playground-html are impacted: - [email protected] - unsanitized user input to expressPlayground -...

@awoyotoyin/ts-graphql-yoga-express-starter (=1.0.0), @botsbotsbots/api (>=0.1.0-latest.5b715197 <=0.1.0-latest.d90c50ea) +152 more potentially affected by CVE-2020-4038 via graphql-playground-html (>=1.4.1 <=1.6.19)

graphql-playground-html NPM version =1.4.1, =0.1.0-latest.5b715197, =0.1.0, =0.1.1, =1.0.0, =0.0.1-beta, =4.0.0, =1.0.0, =1.7.0, =1.8.81, =1.8.81, =1.8.80, =1.6.26, =1.8.175 and more Source cves: CVE-2020-4038 Source advisory: OSV:GHSA-4852-VRH7-28RF...

GHSA-4852-VRH7-28RF Reflected XSS in GraphQL Playground

Impact directly impacted: - [email protected] - all unsanitized user input for renderPlaygroundPage all of our consuming packages of graphql-playground-html are impacted: - [email protected] - unsanitized user input to expressPlayground -...

GraphQL Playground Cross-Site Scripting Vulnerability

GraphQL Playground is a graphical, interactive, in-browser GraphQL IDE Integrated Development Environment based on GraphiQL from Prisma Labs, Germany. A cross-site scripting vulnerability exists in GraphQL Playground graphql-playground-html NPM package. A remote attacker can exploit this...

CVE-2020-4038

GraphQL Playground graphql-playground-html NPM package before version 1.6.22 have a severe XSS Reflection attack vulnerability. All unsanitized user input passed into renderPlaygroundPage method could trigger this vulnerability. This has been patched in graphql-playground-html version 1.6.22. Not...

CVE-2020-4038

GraphQL Playground graphql-playground-html NPM package before version 1.6.22 have a severe XSS Reflection attack vulnerability. All unsanitized user input passed into renderPlaygroundPage method could trigger this vulnerability. This has been patched in graphql-playground-html version 1.6.22. Not...

Design/Logic Flaw

GraphQL Playground graphql-playground-html NPM package before version 1.6.22 have a severe XSS Reflection attack vulnerability. All unsanitized user input passed into renderPlaygroundPage method could trigger this vulnerability. This has been patched in graphql-playground-html version 1.6.22. Not...

CVE-2020-4038

The CVE-2020-4038 entry concerns GraphQL Playground (graphql-playground-html) with an XSS reflection vulnerability in versions before 1.6.22, triggered by unsanitized input rendered in renderPlaygroundPage(). A patch is available in graphql-playground-html v1.6.22, and related middleware packages...

CVE-2020-4038 Reflected XSS in GraphQL Playground

GraphQL Playground graphql-playground-html NPM package before version 1.6.22 have a severe XSS Reflection attack vulnerability. All unsanitized user input passed into renderPlaygroundPage method could trigger this vulnerability. This has been patched in graphql-playground-html version 1.6.22. Not...

Information Disclosure

apollo-server-cloudflare is vulnerable to information leakage. Lack of validation rules enforcement during the subscription server creation with NoInstrospection rule for websockets exposes GraphQL schema types, their relations, human-readable names and many More information on the references...