### Summary

The GraphQL endpoint accepts query requests over the GET method. Because a cross-site page can trigger a GET request without a CORS preflight, an attacker could exploit this to launch CSRF attacks against privileged users.

### POC

```shell
curl -X GET -H "User-Agent: oxpecker" -H "Accept-Encoding: gzip, deflate" -H "Accept: */*" -H "Connection: keep-alive" -d '' 'http://34.127.101.91:40410/graphql?query=query+cop+%7B__typename%7D'
```
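A server-side check of the kind that closes this class of issue, written here as an added example (it is not this project's code): reject GraphQL requests that a browser could send cross-site without a CORS preflight, and never run a mutation or subscription over GET. The opt-in header names are the ones Apollo Server's CSRF prevention uses; any other custom header works, since the point is only that it forces a preflight.

```python
import re
from typing import Mapping, Tuple

# Content types a browser may send cross-origin with no preflight, i.e. anything a
# plain <form>, <img> or <a> tag can produce. The POC above sends no JSON body, so it
# falls in this class.
SIMPLE_CONTENT_TYPES = {"application/x-www-form-urlencoded", "multipart/form-data", "text/plain"}
# Custom headers that force a CORS preflight (Apollo Server's convention; assumption
# that the project would adopt the same names).
PREFLIGHT_HEADERS = {"x-apollo-operation-name", "apollo-require-preflight"}
_NON_QUERY_OP = re.compile(r"\b(mutation|subscription)\b")


def is_simple_request(method: str, headers: Mapping[str, str]) -> bool:
    """True if a cross-site page could have produced this request without a preflight."""
    h = {k.lower(): v for k, v in headers.items()}
    if method.upper() not in {"GET", "HEAD", "POST"}:
        return False
    if any(name in h for name in PREFLIGHT_HEADERS):
        return False
    ctype = h.get("content-type", "").split(";")[0].strip().lower()
    return ctype == "" or ctype in SIMPLE_CONTENT_TYPES


def has_non_query_operation(query: str) -> bool:
    """Detect mutation/subscription keywords after stripping strings and comments.

    A field that merely happens to be named `mutation` also trips this; that fails
    closed (the request is rejected), which is the safe direction for a CSRF guard.
    """
    stripped = re.sub(r'"(?:\\.|[^"\\])*"', '""', query)
    stripped = re.sub(r"#[^\n]*", "", stripped)
    return _NON_QUERY_OP.search(stripped) is not None


def check_request(method: str, headers: Mapping[str, str], query: str) -> Tuple[bool, str]:
    """Return (allowed, reason) for an incoming GraphQL request."""
    if is_simple_request(method, headers):
        return False, "CORS-simple request: send application/json or a preflight header"
    if method.upper() == "GET" and has_non_query_operation(query):
        return False, "only query operations are allowed over GET"
    return True, "ok"


if __name__ == "__main__":
    # Constructed request mirroring the POC: GET, no content type, no custom header.
    print(check_request("GET", {"User-Agent": "oxpecker", "Accept": "*/*"}, "query cop {__typename}"))
```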