CVE-2023-23684 - Unpacking the WPGraphQL SSRF Vulnerability (From n/a through 1.14.5)
The WordPress ecosystem never sleeps—and neither do bad actors looking for vulnerable plugins. One such high-profile security problem is CVE-2023-23684, a Server-Side Request Forgery
CVE-2023-45674 - Critical SQL Injection in Farmbot-Web-App—How It Works, Risks, and Exploit Details
FarmBot is a cool project that lets people automate farming tasks, all through a web-based interface called the Farmbot-Web-App. But like many open-source apps, FarmBot
CVE-2023-34047 - Understanding and Exploiting the Batch Loader Context Leak in Spring for GraphQL
Spring for GraphQL is a framework that helps Java developers build GraphQL APIs easily. If you're using GraphQL with Spring Boot, there'
CVE-2023-26144 - Denial of Service in GraphQL (graphql npm package) Explained
GraphQL has become one of the most popular technologies for APIs, thanks to its flexibility and query structure. But with popularity comes security risks. In
CVE-2023-41317 - Apollo Router Denial-of-Service via Anonymous GraphQL Subscriptions (Explained Simply)
CVE-2023-41317 is a security vulnerability found in the Apollo Router, a high-performance, Rust-based router that sits at the core of federated GraphQL supergraphs. This issue