The VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.x is unaffected by this issue.)
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2023-03-31T00:00:00

Updated: 2024-08-02T13:51:38.950Z

Reserved: 2023-03-27T00:00:00

Link: CVE-2023-28877

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2023-03-31T17:15:06.660

Modified: 2024-11-21T07:56:12.927

Link: CVE-2023-28877

cve-icon Redhat

No data.