File Access Bypass
Discription

graphql-mesh/cli and graphql-mesh/http are vulnerable to File Access Bypass. The vulnerability is due to the `staticFiles` parameter in the configuration file being set to `serve`, which allows an attacker to access files in the server’s file system by relative paths.Read More

Back to Main

Subscribe for the latest news: