Back to directory
WRITEUP #1498

Unauthenticated GraphQL Introspection and API calls

APIGraphQLMissing authentication
by@osamaavvan(Osama Avvan)
Program
-
Published
Feb 26, 2023
Added to HackDex
Feb 26, 2023
Read Full Writeuphttps://medium.com/@osamaavvan/unauthenticated-graphql-introspection-and-api-calls-92f1d9d86bcf
RELATED WRITEUPS
Authorization bypass due to cache misconfiguration
APIAuthorization bypass
The Butterfly Effect: Turning Overlooked - Misconfigurations into Zero Click Account Takeover
APIGraphQL
From MLOps to MLOops: Exposing the Attack Surface of Machine Learning Platforms
AI / LLMAI
How 1 Exposed Honeywell API Gave us Control Over an Internal Engineering System
ReconMissing authentication
How I Got Critical P2 Bug on Google VRP
ReconMissing authentication

Built with ❤️ by Shubham Rawat