Security Advisory

CVE-2021-47715

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-12-22 21:35:25

Last updated 2026-05-24 01:37:00

Assigner VulnCheck

State PUBLISHED

Description

Hasura GraphQL 1.3.3 contains a server-side request forgery vulnerability that allows attackers to inject arbitrary remote schema URLs through the add_remote_schema endpoint. Attackers can exploit the vulnerability by sending crafted POST requests to the /v1/query endpoint with malicious URL definitions to potentially access internal network resources.

← Browse all CVEs View on cve.org ↗