Vulnerability Details CVE-2023-28877
The VTEX apps-graphql@2.x GraphQL API module does not properly restrict unauthorized access to private configuration data. (apps-graphql@3.x is unaffected by this issue.)
Exploit prediction scoring system (EPSS) score
EPSS Score 0.001
EPSS Ranking 25.1%
CVSS Severity
CVSS v3 Score 7.5
References
Products affected by CVE-2023-28877
-
cpe:2.3:a:vtex:apps-graphql:2.x