Directus is a live Api and application dashboard. Used to manage Sql database content, a cross-site scripting vulnerability existed prior to Directus version 9.7.0, which stems from the program’s lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
CPE | Name | Operator | Version |
---|---|---|---|
directus directus | lt | 9.7.0 |