Graphql Type Introspection Allowed
GraphQL type introspection vulnerability enables unauthorized access to type details, potentially leading to data exposure and security breaches.
Security Misconfiguration (SM)
How this template works
The API selection filters in this array use a regular expression to match URLs that contain the word "graphql". This ensures that only requests to GraphQL endpoints are selected for execution.
The execute section specifies that a single request should be executed. The request includes two modifications. First, the URL is modified using a regular expression to replace any characters after "graphql" with just "graphql". This ensures that the request is sent to the correct GraphQL endpoint. Second, the request body is replaced with a GraphQL query that retrieves the name of the "__type" with the name "Query".
The validation section checks if the response payload contains both the "data" field and the "__type" field. This ensures that the GraphQL query was successful and the expected data is returned in the response.
Frequently asked questions
What is GraphQL type introspection and how does it work
How can enabling GraphQL type introspection without proper access controls lead to security vulnerabilities
What are the potential impacts of a GraphQL type introspection vulnerability
How can the GraphQL type introspection vulnerability be mitigated
What are some recommended resources for learning more about GraphQL type introspection vulnerabilities
How can this specific test be executed to identify GraphQL type introspection vulnerabilities