DDOS attack on graphql endpoints

An attacker could use a specially crafted GraphQL query to execute a Distributed Denial of Service (DDoS) attack against a website. This mostly affects websites with publicly exposed and partic ...

CVE-2023-27588

Hasura is an open-source product that provides users GraphQL or REST APIs. A path traversal vulnerability has been discovered within Hasura GraphQL Engine prior to versions 1.3.4, 2.55.1, 2.20.1, and ...

Company admin role gives excessive privileges in eZ Platform Ibexa

Users with the Company admin role (introduced by the company account feature in v4) can assign any role to any user. This also applies to any other user that has the role / assign policy. Any subtree ...

Shopify Cross Site Scripting Vulnerability

Shopify Cross Site Scripting

Graphicator – A GraphQL Enumeration And Extraction Tool

CVE-2022-48365

An issue was discovered in eZ Platform Ibexa Kernel before 1.3.26. The Company admin role gives excessive privileges.
