Share
## https://sploitus.com/exploit?id=268AB24B-3EE0-5DC0-BFBF-3EFEA31E3D4D
It is an offensive tool for GraphQL. This repository contains a proof-of-concept (PoC) exploit for a vulnerability in the GraphQL Playground, a popular IDE for GraphQL development. The exploit targets an XSS Reflection attack vulnerability in the `graphql-playground-html` package, which was resolved in version 1.6.22. The vulnerability allows for unsanitized user input to be reflected in the application, potentially leading to data exfiltration or user credential theft. The exploit is likely used for defensive analysis and testing purposes, and the repository contains a detailed explanation of the vulnerability and its impact. The affected packages include `graphql-playground-html`, `graphql-playground-express`, `graphql-playground-koa`, `graphql-playground-hapi`, and `graphql-playground-lambda`, all of which were vulnerable until the specified safe versions were released.