Lucene search
China National Vulnerability DatabaseCNVD-2022-81371HistoryApr 07, 2022 - 12:00 a.m.
Directus Cross-Site Scripting Vulnerability (CNVD-2022-81371)
2022-04-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
0.001 Low
EPSS
Percentile
35.2%
Directus is a live Api and application dashboard. Used to manage Sql database content, a cross-site scripting vulnerability existed prior to Directus version 9.7.0, which stems from the program’s lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
| CPE | Name | Operator | Version |
|---|---|---|---|
| directus directus | lt | 9.7.0 |
Related
veracode
veracode
Cross-Site Scripting (XSS)
2022-04-05 12:08:46
github
github
cvelist
cvelist
CVE-2022-24814 Cross-site Scripting in Directus
2022-04-04 17:50:11
prion
prion
Design/Logic Flaw
2022-04-04 18:15:00
nvd
nvd
CVE-2022-24814
2022-04-04 18:15:08
cve
cve
CVE-2022-24814
2022-04-04 18:15:08
osv
osv
Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') in directus
2022-04-05 18:30:15
CVE-2022-24814
2022-04-04 18:15:08