
3087 matches found

Snyk
added 2026/01/05 6:2 p.m., 4 views

Server-side Request Forgery (SSRF)

Overview: craftcms/cms is a content management system. Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF) via the saveAsset mutation's file input, specifically the url parameter. An attacker can access internal network resources, bypass firewall rules, and...

CVSS 6.8, AI score 6.8, EPSS 0.00016
Exploits: 1, References: 2
Github Security Blog
added 2026/01/05 6:2 p.m., 7 views

Craft CMS vulnerable to Server-Side Request Forgery (SSRF) via GraphQL Asset Upload Mutation

The Craft CMS GraphQL saveAsset mutation is vulnerable to Server-Side Request Forgery (SSRF). This vulnerability arises because the file input, specifically its url parameter, allows the server to fetch content from arbitrary remote locations without proper validation. Attackers can exploit this by...

CVSS 6.8, AI score 7.3, EPSS 0.00016
Exploits: 1, References: 5, Affected software: 1
CVE
added 2026/01/05 5:53 p.m., 11 views

CVE-2025-61781

OpenCTI prior to 6.8.1 is affected by an authorization flaw in the GraphQL mutation WorkspacePopoverDeletionMutation, which allows an authenticated user to delete workspace objects (dashboards, investigation cases) belonging to other users. The API does not verify ownership, enabling unauthorized...

CVSS 9.1, AI score 6.2, EPSS 0.00156
Exploits: 0, References: 1, Affected software: 1
Cvelist
added 2026/01/05 5:53 p.m., 30 views

CVE-2025-61781 GraphQL IDOR allows authenticated user to delete workspace content of other users

OpenCTI is an open source platform for managing cyber threat intelligence knowledge and observables. Prior to version 6.8.1, the GraphQL mutation "WorkspacePopoverDeletionMutation" allows users to delete workspace-related objects such as dashboards and investigation cases. However, the mutation...

CVSS 7.1, EPSS 0.00156
Exploits: 0, References: 1
CNNVD
added 2026/01/05 12:0 a.m., 3 views

OpenCTI security vulnerability

OpenCTI is an open source cyber threat intelligence platform from OpenCTI Open Source. A security vulnerability exists in OpenCTI versions prior to 6.8.1, which stems from a lack of authorization checking in a GraphQL mutation that could lead to unauthorized resource deletion...

CVSS 9.1, AI score 6.4, EPSS 0.00156
Exploits: 0, References: 2
CNNVD
added 2026/01/05 12:0 a.m., 2 views

Craft CMS code issue vulnerability

Craft CMS is an open source content management system (CMS) from Craft CMS. A code issue vulnerability exists in Craft CMS versions 5.0.0-RC1 through 5.8.20 and 4.0.0-RC1 through 4.16.16, which stems from insufficient validation of the url parameter in a GraphQL mutation, and could lead to a server-si...

CVSS 6.8, AI score 6.7, EPSS 0.00016
Exploits: 1, References: 3
Positive Technologies
added 2026/01/05 12:0 a.m., 4 views

PT-2026-1316

Name of the Vulnerable Software and Affected Versions: OpenCTI versions prior to 6.8.1. Description: OpenCTI is a platform for managing cyber threat intelligence. A flaw exists in the WorkspacePopoverDeletionMutation GraphQL mutation where insufficient authorization checks allow users to delete...

CVSS 9.1, AI score 6.3, EPSS 0.00156
Exploits: 0, References: 8
Positive Technologies
added 2026/01/05 12:0 a.m., 5 views

PT-2026-1344

Name of the Vulnerable Software and Affected Versions: Craft versions 5.0.0-RC1 through 5.8.20; Craft versions 4.0.0-RC1 through 4.16.16. Description: Craft is a platform for creating digital experiences. The GraphQL saveAsset mutation is susceptible to Server-Side Request Forgery (SSRF). The issue...

CVSS 6.8, AI score 6.9, EPSS 0.00016
Exploits: 1, References: 14
Positive Technologies
added 2026/01/05 12:0 a.m., 5 views

PT-2026-21652

Name of the Vulnerable Software and Affected Versions: Craft versions 4.5.0-RC1 through 4.16.18; Craft versions 5.0.0-RC1 through 5.8.22. Description: Craft is a content management system (CMS). The SSRF validation in Craft CMS's GraphQL Asset mutation uses gethostbyname, which only resolves IPv4...

CVSS 7.1, AI score 5.2, EPSS 0.00016
Exploits: 2, References: 16
GithubExploit
added 2025/12/26 6:14 p.m., 231 views

Exploit for CVE-2025-27407

PoC: CVE-2025-27407 Proof of concept for a remote code executi...

CVSS 9, AI score 9.2, EPSS 0.01361
Exploits: 2
RedhatCVE
added 2025/12/23 11:29 p.m., 3 views

CVE-2021-47714

Hasura GraphQL 1.3.3 contains a local file read vulnerability that allows attackers to access system files through SQL injection in the query endpoint. Attackers can exploit the pg_read_file PostgreSQL function by crafting malicious SQL queries to read arbitrary files on the server...

CVSS 6.9, AI score 7.6, EPSS 0.00018
Exploits: 1, References: 1
EUVD
added 2025/12/23 12:30 a.m., 3 views

EUVD-2021-34746

Hasura GraphQL 1.3.3 contains a denial of service vulnerability that allows attackers to overwhelm the service by crafting malicious GraphQL queries with excessive nested fields. Attackers can send repeated requests with extremely long query strings and multiple threads to consume server resource...

CVSS 8.7, AI score 6.3, EPSS 0.00131
Exploits: 1, References: 4
EUVD
added 2025/12/23 12:30 a.m., 4 views

EUVD-2021-34745

Hasura GraphQL 1.3.3 contains a local file read vulnerability that allows attackers to access system files through SQL injection in the query endpoint. Attackers can exploit the pg_read_file PostgreSQL function by crafting malicious SQL queries to read arbitrary files on the server...

CVSS 6.9, AI score 7.1, EPSS 0.00018
Exploits: 1, References: 4
EUVD
added 2025/12/23 12:30 a.m., 5 views

EUVD-2021-34744

Hasura GraphQL 1.3.3 contains a server-side request forgery vulnerability that allows attackers to inject arbitrary remote schema URLs through the add_remote_schema endpoint. Attackers can exploit the vulnerability by sending crafted POST requests to the /v1/query endpoint with malicious URL...

CVSS 6.9, AI score 6.6, EPSS 0.0005
Exploits: 1, References: 4
OSV
added 2025/12/22 10:15 p.m., 3 views

CVE-2021-47715

Hasura GraphQL 1.3.3 contains a server-side request forgery vulnerability that allows attackers to inject arbitrary remote schema URLs through the add_remote_schema endpoint. Attackers can exploit the vulnerability by sending crafted POST requests to the /v1/query endpoint with malicious URL...

CVSS 6.9, AI score 7
Exploits: 0, References: 3
OSV
added 2025/12/22 10:15 p.m., 3 views

CVE-2021-47714

Hasura GraphQL 1.3.3 contains a local file read vulnerability that allows attackers to access system files through SQL injection in the query endpoint. Attackers can exploit the pg_read_file PostgreSQL function by crafting malicious SQL queries to read arbitrary files on the server...

CVSS 5.5, AI score 7.5
Exploits: 0, References: 3
NVD
added 2025/12/22 10:15 p.m., 5 views

CVE-2021-47713

Hasura GraphQL 1.3.3 contains a denial of service vulnerability that allows attackers to overwhelm the service by crafting malicious GraphQL queries with excessive nested fields. Attackers can send repeated requests with extremely long query strings and multiple threads to consume server resource...

CVSS 8.7, EPSS 0.00131
Exploits: 1, References: 3
NVD
added 2025/12/22 10:15 p.m., 2 views

CVE-2021-47714

Hasura GraphQL 1.3.3 contains a local file read vulnerability that allows attackers to access system files through SQL injection in the query endpoint. Attackers can exploit the pg_read_file PostgreSQL function by crafting malicious SQL queries to read arbitrary files on the server...

CVSS 6.9, EPSS 0.00018
Exploits: 1, References: 3
Cvelist
added 2025/12/22 9:35 p.m., 19 views

CVE-2021-47714 Hasura GraphQL 1.3.3 Local File Read via SQL Injection

Hasura GraphQL 1.3.3 contains a local file read vulnerability that allows attackers to access system files through SQL injection in the query endpoint. Attackers can exploit the pg_read_file PostgreSQL function by crafting malicious SQL queries to read arbitrary files on the server...

CVSS 6.9, EPSS 0.00018
Exploits: 1, References: 3
CVE
added 2025/12/22 9:35 p.m., 10 views

CVE-2021-47715

Hasura GraphQL Engine 1.3.3 is exposed to a server-side request forgery via the add_remote_schema endpoint. The underlying issue allows injection of arbitrary remote schema URLs by crafting POST requests to /v1/query, potentially enabling access to internal network resources. Affected component: ...

CVSS 6.9, AI score 6.7, EPSS 0.0005
Exploits: 1, References: 3, Affected software: 1