CVE-2021-28661

CVE-2021-28661

EPSS 0.8%

Default SilverStripe GraphQL Server (aka silverstripe/graphql) 3.x through 3.4.1 permission checker not inherited by query subclass.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://github.com/silverstripe/silverstripe-graphql/releases https://www.silverstripe.org/download/security-releases/CVE-2021-28661