Damn Vulnerable GraphQL Application is an intentionally vulnerable implementation of Facebook's GraphQL technology, to learn and practice GraphQL Security.
Added
Added
Fixed
Added
Added SQL Injection Scenario
Changed Fixed an incorrect solution query
New Vulnerabilities DoS - Field Duplication Attack DoS - Alias based Attack
New Protections GraphQL Operation Name whitelisting
** Changes ** Removed the base64 encoding requirement in the cookie to bypass graphiql protection.