Description
Your web application is running with GraphQL Array-based Query Batching enabled, allowing 10+ simultaneous queries in a single request. GraphQL Query Batching is a feature that permits multiple queries to be sent to the server in a single request, reducing server processing overhead. While this feature is beneficial in certain use cases, it can also be exploited by malicious actors to perform batching attacks, which involve sending a large number of GraphQL operations within a single web request.
Remediation
Limit Query Batching: Implement restrictions on the number of allowed queries in a single batch request to reduce the potential impact of a batching attack.
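One way to enforce such a limit before any operation reaches the GraphQL executor, shown as an added example (not code from this page or from any particular GraphQL server). The function name `checkGraphQLBatch`, the limit of 5, and the 400 status are assumptions chosen for illustration.

```javascript
// Added example: cap array-based batch size before GraphQL execution.
// MAX_BATCH_SIZE, checkGraphQLBatch and the 400 status are illustrative assumptions.
const MAX_BATCH_SIZE = 5;

function reject(operations, error) {
  return { allowed: false, status: 400, operations, error };
}

// Takes the raw JSON request body; returns a decision the HTTP layer can act on.
function checkGraphQLBatch(rawBody, maxBatch = MAX_BATCH_SIZE) {
  let payload;
  try {
    payload = JSON.parse(rawBody);
  } catch (e) {
    return reject(0, "invalid JSON");
  }
  // A single operation arrives as an object, an array-based batch as an array.
  const ops = Array.isArray(payload) ? payload : [payload];
  if (ops.length === 0) return reject(0, "empty batch");
  if (ops.length > maxBatch) {
    return reject(ops.length, `batch of ${ops.length} exceeds limit of ${maxBatch}`);
  }
  // Each entry must be a plain object. Rejecting nested arrays keeps a
  // batch wrapped inside another array from slipping past the count.
  const malformed = ops.some(
    (op) => op === null || typeof op !== "object" || Array.isArray(op)
  );
  if (malformed) return reject(ops.length, "batch entry is not an operation object");
  return { allowed: true, status: 200, operations: ops.length, error: null };
}

// Constructed sample bodies: a single query, a batch at the limit, a batch of 10.
const op = { query: "{ me { id } }" };
const samples = [
  JSON.stringify(op),
  JSON.stringify(Array(5).fill(op)),
  JSON.stringify(Array(10).fill(op)),
];
for (const body of samples) {
  const r = checkGraphQLBatch(body);
  console.log(r.operations, r.allowed ? "allowed" : `rejected: ${r.error}`);
}
```

Run the check in the HTTP layer before schema validation and resolver execution, and log rejected requests with the operation count so oversized batches are visible in monitoring.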