Lucene search

CVE-2023-28443

🗓️ 24 Mar 2023 00:15:15Reported by [email protected]Type

Directus API vulnerability, unredacted refresh token

Reporter	Title	Published	Views	Family All 8
CVE	CVE-2023-28443	24 Mar 202300:15	–	cve
Prion	Code injection	24 Mar 202300:15	–	prion
Cvelist	CVE-2023-28443 directus vulnerable to Insertion of Sensitive Information into Log File	23 Mar 202323:13	–	cvelist
OSV	CVE-2023-28443	24 Mar 202300:15	–	osv
OSV	directus vulnerable to Insertion of Sensitive Information into Log File	23 Mar 202319:47	–	osv
Veracode	Information Disclosore	28 Mar 202305:26	–	veracode
Vulnrichment	CVE-2023-28443 directus vulnerable to Insertion of Sensitive Information into Log File	23 Mar 202323:13	–	vulnrichment
Github Security Blog	directus vulnerable to Insertion of Sensitive Information into Log File	23 Mar 202319:47	–	github

Nvd

Node

monospace directusRange<9.23.3node.js

Source	Link
github	www.github.com/directus/directus/commit/349536303983ccba68ecb3e4fb35315424011afc
github	www.github.com/directus/directus/blob/7c479c5161639aac466c763b6b958a9524201d74/api/src/logger.ts
github	www.github.com/directus/directus/security/advisories/GHSA-8vg2-wf3q-mwv7

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

24 Mar 2023 00:15Current

5Medium risk

Vulners AI Score5

CVSS35.5

EPSS0.00051