Lack of authentication in NPM's package @evershop/evershop before version 1.0.0-rc.9 allows remote attackers to obtain sensitive information via improper authorization in GraphQL ...
January 29, 2024
silverstripe/graphql is vulnerable to Permission Bypass. The vulnerability is due to ORM data in paginated GraphQL queries when the total number of records exceeded the page size. This allows attacker ...
January 27, 2024
Impact: canView permission checks are bypassed for ORM data in paginated GraphQL query results where the total number of records is greater than the number of records per page. Note that this also affe ...
January 23, 2024
The Silverstripe CMS GraphQL Server serves Silverstripe data as GraphQL representations. In versions 4.0.0 prior to 4.3.7 and 5.0.0 prior to 5.1.3, canView permission checks are bypassed for ORM data ...
January 23, 2024
Deciphering the Cloud Conundrum: An Introduction to tRPC & GraphQL
The dynamic domain of cloud technology presents a couple of instrumental methodologies in the arena of APIs: tRPC and GraphQL ...
January 22, 2024