Overlooked vulnerabilities in GraphQL open the door to cross-site request forgery attacks
Endpoints using GraphQL may be at risk of exploitation due to failures to mitigate cross-site request forgery (CSRF) attack vectors, Doyensec researchers warned on May 20.