Update graphql-alias-batching.yaml

2022-07-26 10:47:13 +05:30 · 2022-07-26 10:47:13 +05:30 · 72a6a6865b
parent f05abb6842
commit 72a6a6865b
1 changed files with 2 additions and 2 deletions
--- a/misconfiguration/graphql/graphql-alias-batching.yaml
+++ b/misconfiguration/graphql/graphql-alias-batching.yaml
@ -3,7 +3,7 @@ id: graphql-alias-batching
 info:
  name: GraphQL Alias-based Batching
  author: Dolev Farhi
-  severity: low
+  severity: info
  description: |
    GraphQL supports aliasing of multiple sub-queries into a single queries. This allows users to request multiple objects or multiple instances of objects efficiently.
    However, an attacker can leverage this feature to evade many security measures, including rate limit.
@ -38,4 +38,4 @@ requests:
      - type: word
        part: header
        words:
-          - "application/json"
+          - "application/json"