[true_religion]

I guess if someone provides an api via graphql it’s hard to tell if it’s intended to be used publicly or not, and to what extent that use is permitted. The site and app both use that api end point and going there gives you a nice page with full documentation of how to do every query plus an online IDE.

One might pull the data then start to wonder if they were supposed to get it only after they begin reading specifics that seem private.

[tmsbrg]

Considering he had already found and reported this vulnerability before, and then took the time to write this report about it, that's not what happened here. He knew it was a vulnerability, he used it purposely to download private data and he looked into it. Not only could AI dungeon sue him for this, also the owners of the data (the people playing AI dungeon) could.

There have been cases of ethical hackers who found a vulnerability and abused it to download a disproportionate number of records being convicted, at least in the Netherlands. It didn't matter that their goal was just to show it to the website owner. So if you're an ethical hacker reading this, I would strongly advise you to only download the minimum required to demonstrate a vulnerability (preferably your own data, or one record), and not do what this person did.

[duckerude]

The data was retrieved by mass-upvoting unpublished documents and using an obscure GraphQL feature to extract fields that aren't part of the explicit interface.

I don't think you could do any part of that while assuming it's intended as normal use.