Erxes is vulnerable to Incorrect Access Control. The vulnerability is due to authentication bypass due to improper validation of the User HTTP header, allowing attackers to impersonate users and access any GraphQL…Read More