GraphQL Endpoint Supports Introspection
- Risk:
Informational
- Type:
- Tool
- Summary
The GraphQL endpoint has Introspection enabled. Introspection allows clients to query the schema and retrieve detailed information about the fields, types, inputs, etc. supported by the GraphQL endpoint. This may be valuable to an attacker, as it could enable them to craft more targeted queries.
- Solution
Disable Introspection on the GraphQL endpoint.
Free security scan for your website