Home > Vulnerability Database > CVE-2021-41249

Mend.io Vulnerability Database

CVE-2021-41249

Good to know:

Date: November 4, 2021

GraphQL Playground is a GraphQL IDE for development of graphQL focused applications. All versions of graphql-playground-react older than graphql-playground-react@1.7.28 are vulnerable to compromised HTTP schema introspection responses or schema prop values with malicious GraphQL type names, exposing a dynamic XSS attack surface that can allow code injection on operation autocomplete. In order for the attack to take place, the user must load a malicious schema in graphql-playground. There are several ways this can occur, including by specifying the URL to a malicious schema in the endpoint query parameter. If a user clicks on a link to a GraphQL Playground installation that specifies a malicious server, arbitrary JavaScript can run in the user's browser, which can be used to exfiltrate user credentials or other harmful goals. If you are using graphql-playground-react directly in your client app, upgrade to version 1.7.28 or later.

Language: JS

Severity Score

7.1

Related Resources (15)

Url: https://github.com/starkbank/ecdsa-python/releases/tag/v2.0.1

Url: https://nvd.nist.gov/vuln/detail/CVE-2021-41249

Url: https://github.com/graphql/graphiql/security/advisories/GHSA-x4r7-m2q9-69c8

Url: https://github.com/graphql/graphql-playground/security/advisories/GHSA-59r9-6jp6-jcm7

Url: https://github.com/starkbank/ecdsa-node

Url: https://github.com/graphql/graphql-playground

Url: https://github.com/starkbank/ecdsa-python/compare/v2.0.0...v2.0.1

Url: https://github.com/starkbank/ecdsa-java

Url: https://github.com/graphql/graphiql/blob/main/docs/security/2021-introspection-schema-xss.md#2-more-details-on-the-vulnerability

Url: https://github.com/starkbank/ecdsa-dotnet

Url: https://github.com/graphql/graphql-playground/commit/b8a956006835992f12c46b90384a79ab82bcadad

Url: https://github.com/starkbank/ecdsa-python/commit/d136170666e9510eb63c2572551805807bd4c17f

Url: https://research.nccgroup.com/2021/11/08/technical-advisory-arbitrary-signature-forgery-in-stark-bank-ecdsa-libraries

Url: https://github.com/starkbank/ecdsa-python

Url: https://www.mend.io/vulnerability-database/CVE-2021-41249

Severity Score

7.1

Weakness Type (CWE)

Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

CWE-79

Improper Verification of Cryptographic Signature

CWE-347

Top Fix

Upgrade Version

Upgrade to version graphql-playground-react - 1.7.28;starkbank-ecdsa - 2.0.1;starkbank-ecdsa - 1.3.2;starkbank-ecdsa - 1.1.3

Learn More

CVSS v3.1

Base Score:	7.1
Attack Vector (AV):	NETWORK
Attack Complexity (AC):	HIGH
Privileges Required (PR):	NONE
User Interaction (UI):	REQUIRED
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	HIGH
Availability (A):	LOW

CVSS v2

Base Score:	2.6
Access Vector (AV):	NETWORK
Access Complexity (AC):	HIGH
Authentication (AU):	NONE
Confidentiality (C):	NONE
Integrity (I):	PARTIAL
Availability (A):	NONE
Additional information:

Mend.io Vulnerability Database

We found results for “”

CVE-2021-41249

Good to know:

Date: November 4, 2021

Language: JS

Severity Score

Related Resources (15)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

CVSS v2

Do you need more information?