BugCrowd Bug Bounty Disclosure: P2 – Graphql API exposes all groups and goups users …

BugCrowd Bug Bounty Disclosure: P2 – Graphql API exposes all groups and goups users …

A publicly accessible GraphQL API exposed sensitive group and user information to unauthenticated users. By leveraging the wildcard search feature …

 

Read More