Cross-Site Request Forgery (CSRF)
Affecting silverstripe/framework package, versions >=4.0.0, <4.4.0
silverstripe/framework is a PHP framework forming the base for the SilverStripe CMS.
Affected versions of this package are vulnerable to Cross-Site Request Forgery (CSRF).
The Cross-Site Request Forgery protection for GraphQL mutation queries does not adequately protect GraphQL endpoints against CSRF attacks. When a GraphQL query is formed with a fragment portion, the check that decides whether the query is a mutation fails to detect it, so the X-CSRF-TOKEN header, the token header the CSRF protection module requires for mutations, is not demanded on the HTTP request and the CSRF protection can be bypassed.
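The detection failure described above, shown as an added example that is not SilverStripe's own code: a weak check that only inspects the leading keyword of the document (an assumed illustration of the flaw, not the framework's actual implementation) is placed beside a fail-safe check that scans every top-level operation, skipping comments, string literals and fragment definitions. The sample document and its field names are constructed; in production the same decision should be made from a real GraphQL parser's operation definitions rather than a tokenizer.

```python
import re

# Illustrative weak check (an assumption, NOT SilverStripe's real code):
# only the first keyword of the document is examined, so a document that
# opens with a fragment definition is never classed as a mutation.
def naive_is_mutation(query: str) -> bool:
    return re.match(r"\s*mutation\b", query) is not None

# Tokenizer: block strings, strings, comments, names, any other single char.
_TOKEN = re.compile(
    r'"""[\s\S]*?"""|"(?:\\.|[^"\\\n])*"|#[^\n]*|[A-Za-z_][A-Za-z0-9_]*|\S'
)

def robust_is_mutation(query: str) -> bool:
    """True if any top-level operation in the document is a mutation.

    Comments and string literals are skipped, and brace depth is tracked so
    names inside selection sets are ignored. Fragment definitions before the
    operation do not hide it. A rare false positive (e.g. an argument literally
    named "mutation") only means the CSRF token is demanded unnecessarily,
    which is the safe direction."""
    depth = 0
    for tok in _TOKEN.findall(query):
        if tok[0] in '#"':
            continue  # comment or string literal: never an operation keyword
        if tok == "{":
            depth += 1
        elif tok == "}":
            depth -= 1
        elif depth == 0 and tok == "mutation":
            return True
    return False

def requires_csrf_token(query: str) -> bool:
    """Server-side policy: demand X-CSRF-TOKEN whenever a mutation is present."""
    return robust_is_mutation(query)

# Constructed sample: a fragment definition precedes the mutation.
FRAGMENT_FIRST = """
fragment F on Member { ID }
mutation { updateMember(ID: 1) { ...F } }
"""

if __name__ == "__main__":
    print("naive :", naive_is_mutation(FRAGMENT_FIRST))   # False: missed
    print("robust:", robust_is_mutation(FRAGMENT_FIRST))  # True: token required
```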
Upgrade silverstripe/framework to version 4.4.0 or higher.