GraphQL AdminGenerateSessionPayload is leaked to staff with no permission

Disclosed: 2020-07-16 09:14:46 By hiffley To shopify

Medium

Vulnerability Details

No vulnerability description provided or it is restricted.

Actions

View on HackerOne

Report Stats

Report ID: 898528
State: Closed
Substate: resolved
Upvotes: 168

Share this report