Page 4 of 18 results (0.004 seconds)

CVSS: 5.5EPSS: 0%CPEs: 1EXPL: 1

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.3, the `directus_refresh_token` is not redacted properly from the log outputs and can be used to impersonate users without their permission. This issue is patched in version 9.23.3. • https://github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts#L13 https://github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc https://github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7 • CWE-284: Improper Access Control CWE-532: Insertion of Sensitive Information into Log File •

CVSS: 8.0EPSS: 0%CPEs: 1EXPL: 0

Directus is a real-time API and App dashboard for managing SQL database content. Instances relying on an allow-listed reset URL are vulnerable to an HTML injection attack through the use of query parameters in the reset URL. An attacker could exploit this to email users urls to the servers domain but which may contain malicious code. The problem has been resolved and released under version 9.23.0. People relying on a custom password reset URL should upgrade to 9.23.0 or later, or remove the custom reset url from the configured allow list. • https://github.com/directus/directus/issues/17119 https://github.com/directus/directus/pull/17120 https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •

CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1

Directus is a real-time API and App dashboard for managing SQL database content. Directus is vulnerable to Server-Side Request Forgery (SSRF) when importing a file from a remote web server (POST to `/files/import`). An attacker can bypass the security controls by performing a DNS rebinding attack and view sensitive data from internal servers or perform a local port scan. An attacker can exploit this vulnerability to access highly sensitive internal server(s) and steal sensitive information. This issue was fixed in version 9.23.0. • https://github.com/directus/directus/commit/ff53d3e69a602d05342e15d9bb616884833ddbff https://github.com/directus/directus/releases/tag/v9.23.0 https://github.com/directus/directus/security/advisories/GHSA-j3rg-3rgm-537h • CWE-918: Server-Side Request Forgery (SSRF) •