# GraphQL API vulnerabilities

- [Accès à des posts GraphQL privés](/web-hacking-portswigger/graphql-api-vulnerabilities/acces-a-des-posts-graphql-prives.md)
- [Exposition accidentelle de champs privés](/web-hacking-portswigger/graphql-api-vulnerabilities/exposition-accidentelle-de-champs-prives.md)
- [Découverte d’un endpoint GraphQL caché](/web-hacking-portswigger/graphql-api-vulnerabilities/decouverte-dun-endpoint-graphql-cache.md)
- [Contournement de la protection anti-brute-force en GraphQL](/web-hacking-portswigger/graphql-api-vulnerabilities/contournement-de-la-protection-anti-brute-force-en-graphql.md)
- [Exploitation CSRF via GraphQL](/web-hacking-portswigger/graphql-api-vulnerabilities/exploitation-csrf-via-graphql.md)