Birkir Prime Information Disclosure Vulnerability in GraphQL Directive Handler
Vulnerability
A vulnerability allowing information exposure has been identified in Birkir Prime versions through 0.4.0.beta.0. The issue resides in the GraphQL Directive Handler, specifically within an unknown function of the '/graphql' file. It can be exploited remotely and without authentication by sending crafted introspection queries, or by triggering error messages, that expose the GraphQL directive handling. Exploitation leaks sensitive information such as directive names, their parameters, and the default values defined by the server. This could in turn reveal security architectures, authentication mechanisms, rate-limiting configurations, and fields marked as sensitive.
Impact
Exploitation of this vulnerability leads to unauthorized information exposure, allowing attackers to gain insights into the application's security architecture and sensitive configurations.
Reproduction
The vulnerability can be reproduced by sending a POST request to the '/graphql' endpoint with a query that introspects the schema directives. The response will include an error message indicating a validation failure, which can be exploited to extract sensitive information about the application's GraphQL directives and potentially other security-related configurations.
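As an added defensive example (not code from Prime or from the advisory's author), the following dependency-free JavaScript shows the two server-side controls that address what is described above: refusing introspection of the schema and its directives for unauthenticated or production callers, and masking validation error messages before they reach the client. The policy in guardRequest, the context fields, and the probe query are assumptions constructed for this example.

```javascript
// Constructed example, not Prime's own code: guard a GraphQL request body before
// it reaches the executor so schema and directive definitions are not exposed,
// and replace detailed validation errors with a generic client-facing message.
const SAFE_META_FIELD = '__typename'; // benign, widely used by clients

// Strip block strings, string literals and comments so introspection names
// inside them are not mistaken for selections.
function stripLiterals(query) {
  return query
    .replace(/"""[\s\S]*?"""/g, '""')
    .replace(/"(?:\\.|[^"\\\n])*"/g, '""')
    .replace(/#[^\n]*/g, '');
}

// Every introspection field and type in GraphQL starts with "__"; collect the
// distinct ones the operation references, ignoring the harmless __typename.
function findIntrospectionNames(query) {
  const names = new Set();
  for (const m of stripLiterals(query).matchAll(/\b__[A-Za-z]\w*/g)) {
    if (m[0] !== SAFE_META_FIELD) names.add(m[0]);
  }
  return [...names].sort();
}

// Replace the executor's validation errors, which may echo directive names,
// arguments and defaults, with one generic message per error.
function maskErrors(errors) {
  return errors.map(() => ({ message: 'Request rejected', extensions: { code: 'BAD_REQUEST' } }));
}

// Policy (assumption): introspection is allowed only for authenticated callers
// outside production. Returns null when the request may proceed, otherwise a
// masked error response; the detail is written to the server log only.
function guardRequest(query, ctx) {
  const names = findIntrospectionNames(query);
  if (names.length === 0) return null;
  if (ctx.authenticated && !ctx.production) return null;
  ctx.log(`introspection blocked: ${names.join(', ')}`); // operator-visible only
  return { errors: maskErrors([{ message: `blocked: ${names.join(', ')}` }]) };
}

// Constructed probe of the kind described in the reproduction: it asks for
// every directive's name, arguments and default values.
const DIRECTIVE_PROBE = `query Probe {
  __schema { directives { name args { name defaultValue } } }
}`;
```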
