[MEDIUM] Craftql vulnerable to Server-Side Request Forgery

PKSA-nwgj-1fc9-zj7r CVE-2026-31317 GHSA-8wmw-prw8-2ggm

Affected package: markhuot/craftql

Affected version: <=1.3.7

Reported by:
GitHub