Описание
API Platform Core is a system to create hypermedia-driven REST and GraphQL APIs. Using the Relay special node type you can bypass the configured security on an operation. This vulnerability is fixed in 4.0.22 and 3.4.17.
Ссылки
EPSS
Процентиль: 55%
0.00326
Низкий
7.5 High
CVSS3
Дефекты
CWE-863
Связанные уязвимости
CVSS3: 7.5
github
10 месяцев назад
GraphQL query operations security can be bypassed
EPSS
Процентиль: 55%
0.00326
Низкий
7.5 High
CVSS3
Дефекты
CWE-863