Category - API Security Blog

CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)

![CVE-2021-4191: GitLab GraphQL API User Enumeration (FIXED)](https://blog.rapid7.com/content/images/2022/03/gitlab-vuln.jpg) On February 25, 2022, GitLab [published a fix]() for CVE-2021-4191, which ...

May 30, 2022

RST Threat feed. IOC: internal-graphql-stable-web-jer5f6d-n-933384777.us-east-1.elb.cryptohosting.eu

Found **internal-graphql-stable-web-jer5f6d-n-933384777[.]us-eas...Read More ...

May 30, 2022

RST Threat feed. IOC: graphql-server-ecs-chat-497780143.us-west-2.elb.cryptohosting.eu

Found **graphql-server-ecs-chat-497780143[.]us-west-2.elb.crypto...Read More ...

May 30, 2022

RST Threat feed. IOC: graphql.magical.coffee

Found **graphql[.]magical.coffee** in [RST Threat Feed](https:/...Read More ...

May 30, 2022

GitLab GraphQL API User Enumeration

This module queries the GitLab GraphQL API without authentication to acquire the list of GitLab users (CVE-2021-4191). The module works on all GitLab versions from 13.0 up to 14.8.2, 14.7.4, and 14.6. ...

May 30, 2022

GitLab 13.2 < 14.4.5 / 14.5.0 < 14.5.3 / 14.6.0 < 14.6.2 IP Restriction Bypass

According to its self-reported version, the instance of GitLab running on the remote web server is 13.2 prior to 14.4.5, 14.5.0 prior to 14.5.3, or 14.6.0 prior to 14.6.2. It is, therefore, possible t ...

May 30, 2022

CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)

![CVE-2022-28810: ManageEngine ADSelfService Plus Authenticated Command Execution (Fixed)](https://blog.rapid7.com/content/images/2022/04/managengine-vuln.jpg) On April 9, 2022, ManageEngine fixed [CV ...

May 30, 2022

This Week in Spring – April 12th, 2022 (Devnexus 2022 Edition!!)

## This Week in Spring - Devnexus Edition Hi, Spring fans! Welcome to another installment of _This Week in Spring_ - I'm at my first in-person event since the virus: Devnexus! WOOHOOO!! Well, technica ...

May 30, 2022