
GraphQL discloses internal beer consumption - isp
https://hackerone.com/reports/419883
======
isp
"Summary: With great pleasure we would like to report that we have discovered
a GraphQL endpoint that discloses internal beer consumption at your [Spotify]
offices."

Shopify awarded a $134 bounty for this.

