Summary #

Invicti identified that the target web site is using GraphQL Ariadne Library by sending query. Ariadne is a Python library for implementing GraphQL servers using schema-first approach. It supports both synchronous and asynchronous query execution, ships with batteries included for common GraphQL server problems like query cost validation or performance tracing and has simple API that is easy to extend or replace.

Impact #

This issue is reported as additional information only. There is no direct impact arising from this issue.

Classifications #
CWE-205; ISO27001-A.14.2.5; WASC-13; OWASP 2017-A6
Vulnerability Index

Vulnerability Index

You can search and find all vulnerabilities

OR

Search Vulnerability

Netsparker

Dead accurate, fast & easy-to-use Web Application Security Scanner

Get a demo