
Critical Security: Over-Fetching Sensitive PII in CHECK_AUTH Query in Queries.ts #3484

Closed
sancheet230 opened this issue Jan 29, 2025 · 6 comments
Labels: bug (Something isn't working), good first issue (Good for newcomers), security (Security fix), unapproved

Comments

@sancheet230

Description

The CHECK_AUTH query exposes Personally Identifiable Information (PII) such as birthDate, phone.mobile, educationGrade, employmentStatus, and maritalStatus, which are unnecessary for authentication checks. This violates privacy best practices and regulatory standards (GDPR/CCPA).

Steps to Reproduce

Authenticate as any user.

Execute the query:

query {
  checkAuth {
    birthDate
    phone { mobile }
    educationGrade
    # ... other sensitive fields
  }
}

Observe: Sensitive user data is returned.

Impact

Data Privacy Violation: Unauthorized exposure of PII to authenticated users.

Compliance Risk: Potential fines under GDPR/CCPA for improper data handling.

Attack Surface Expansion: Compromised accounts can harvest sensitive data.

Proposed Fix

Minimize Fields: Fetch only essential data for authentication (e.g., _id, email, firstName, image).

Field-Level Permissions: Use GraphQL directives (e.g., @auth) to restrict sensitive fields.

Backend Validation: Ensure resolvers enforce access control.

Revised Query:

query CHECK_AUTH {
  checkAuth {
    _id
    firstName
    email
    image
  }
}

Recommendations

Audit All Queries: Identify and fix similar over-fetching in USER_DETAILS, USERS_CONNECTION_LIST, etc.

Role-Based Access Control (RBAC): Implement schema-level permissions with tools like GraphQL Shield.

Logging: Monitor access to sensitive fields.

P0: Requires immediate resolution to mitigate legal and reputational risks.
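The three parts of the proposed fix (field minimization, a field-level guard in the spirit of an @auth directive, and an audit of query documents for sensitive selections, with logging of sensitive-field access) as an added JavaScript example. This is not Talawa's code: the function names, the `ctx` shape (`userId`, `role`), the sample user record and the sample queries are constructed for illustration, and the query scanner is a minimal identifier/brace tokenizer rather than a GraphQL parser.

```javascript
// Added example (not Talawa project code). Models the issue's proposed fix
// without a GraphQL server so it runs stand-alone under Node.

// Fields CHECK_AUTH is allowed to return (the issue's "Revised Query").
const CHECK_AUTH_FIELDS = ["_id", "firstName", "email", "image"];

// PII the issue lists as over-fetched, as dotted paths relative to the
// `checkAuth` selection set.
const SENSITIVE_FIELDS = new Set([
  "birthDate",
  "phone.mobile",
  "educationGrade",
  "employmentStatus",
  "maritalStatus",
]);

// Constructed sample record; every value is made up.
const SAMPLE_USER = {
  _id: "user-1",
  firstName: "Ada",
  email: "ada@example.org",
  image: "https://example.org/avatar.png",
  birthDate: "1990-01-01",
  phone: { mobile: "+1-555-0100" },
  educationGrade: "GRADUATE",
  employmentStatus: "EMPLOYED",
  maritalStatus: "SINGLE",
};

// 1. Minimize: the checkAuth resolver projects the record onto the allowlist,
//    so a client asking for extra fields gets nothing beyond these four.
function projectCheckAuth(user) {
  const out = {};
  for (const key of CHECK_AUTH_FIELDS) out[key] = user[key];
  return out;
}

// 2. Field-level permission (hypothetical stand-in for an @auth directive):
//    a sensitive field is returned only to its owner or an admin, and every
//    sensitive access is appended to `auditLog` (the "Logging" recommendation).
function guardField(path, user, ctx, auditLog) {
  const value = path.split(".").reduce((o, k) => (o == null ? o : o[k]), user);
  if (!SENSITIVE_FIELDS.has(path)) return value;
  const allowed = ctx.userId === user._id || ctx.role === "ADMIN";
  auditLog.push({ field: path, requester: ctx.userId, allowed });
  if (!allowed) throw new Error(`Forbidden: ${path}`);
  return value;
}

// 3. Audit: scan a query document for sensitive selections. `#` comments are
//    stripped, then identifiers and braces are walked with a stack of
//    enclosing selection-set names. Returns the dotted paths found, in order.
function auditQuery(queryText) {
  const tokens = queryText.replace(/#[^\n]*/g, "").match(/[A-Za-z_]\w*|[{}]/g) || [];
  const stack = [];   // names of the enclosing selection sets
  let pending = null; // last identifier; becomes a parent when `{` follows
  const found = [];
  for (const tok of tokens) {
    if (tok === "{") {
      stack.push(pending);
    } else if (tok === "}") {
      stack.pop();
    } else {
      pending = tok;
      // depth 0 = operation, depth 1 = root field, depth 2+ = inside a root field
      if (stack.length >= 2) {
        const path = stack.slice(2).concat(tok).join(".");
        if (SENSITIVE_FIELDS.has(path)) found.push(path);
      }
    }
  }
  return found;
}

// Constructed sample documents: the over-fetching query and the revised one.
const VULNERABLE_QUERY = `query {
  checkAuth {
    birthDate
    phone { mobile }   # nested selection
    educationGrade
    employmentStatus
    maritalStatus
  }
}`;

const REVISED_QUERY = `query CHECK_AUTH {
  checkAuth { _id firstName email image }
}`;

console.log("sensitive fields in vulnerable query:", auditQuery(VULNERABLE_QUERY));
console.log("sensitive fields in revised query:", auditQuery(REVISED_QUERY));
console.log("checkAuth result:", projectCheckAuth(SAMPLE_USER));
```

Running `auditQuery` over every `gql` document in a client's `Queries.ts` (the "Audit All Queries" recommendation) gives a quick list of selections to review; the scanner does not handle fragments, aliases or arguments, so a real audit would use the `graphql` package's parser and visitor instead.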

@sancheet230 sancheet230 added the bug Something isn't working label Jan 29, 2025
@github-actions github-actions bot added security Security fix unapproved good first issue Good for newcomers labels Jan 29, 2025
sancheet230 (Author) commented Jan 29, 2025

@palisadoes @Cioppolo14 I know this issue and I can work on it if you give me a chance by assigning it.

sancheet230 (Author) commented Jan 31, 2025

Opened this issue in the Talawa API repository to address the necessary backend changes required for resolution.

palisadoes (Contributor) commented

Which branch is this for?

sancheet230 (Author) commented

@palisadoes main branch

@palisadoes palisadoes closed this as not planned Won't fix, can't repro, duplicate, stale Jan 31, 2025
palisadoes (Contributor) commented

We are focusing on the develop-postgres branch until further notice.

sancheet230 (Author) commented

@palisadoes OK, I will stick with the develop-postgres branch from now on. Thanks for the clarification.
