In a few clicks we can analyze your entire application and see what components are vulnerable in your application, and suggest you quick fixes.
Test your applicationsLearn about Cross-site Scripting (XSS) vulnerabilities in an interactive lesson.
Start learningUpgrade express-graphql
to version 0.4.11 or higher.
express-graphql
is a GraphQL HTTP middleware.
Affected versions of the package are vulnerable to Cross-site Scripting (XSS).
When the initial page loads, the HTML was was not properly escaped in queries or variables causing GraphiQL to break.
<>