High Intigriti CWE-285 €625 Accepted

Unauthenticated GraphQL Operations on Production

Target: *.*******.com Endpoint: ******.*******.com/graphql 2026-03-10

8.6 / 10

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:L/A:L

# cvss 4.0 vector breakdown

# report metadata

Program Intigriti

Target *.*******.com

Endpoint ******.*******.com/graphql

Severity High

CVSS 8.6

CWE CWE-285

Reported 2026-03-10

Status Accepted

Bounty €625

Full writeup coming soon

Detailed technical analysis, proof of concept, and remediation guidance will be published here once the disclosure process is complete.