Lucene search
PRIOn knowledge basePRION:CVE-2022-22116HistoryJan 10, 2022 - 4:15 p.m.
Cross site scripting
2022-01-1016:15:00
PRIOn knowledge base
www.prio-n.com
3
0.001 Low
EPSS
Percentile
21.5%
In Directus, versions 9.0.0-alpha.4 through 9.4.1 are vulnerable to stored Cross-Site Scripting (XSS) vulnerability via SVG file upload in media upload functionality. A low privileged attacker can inject arbitrary javascript code which will be executed in a victimβs browser when they open the image URL.
Related
cve
cve
CVE-2022-22116
2022-01-10 16:15:10
cvelist
cvelist
cnvd
cnvd
Directus Cross-Site Scripting Vulnerability
2022-01-14 00:00:00
nvd
nvd
CVE-2022-22116
2022-01-10 16:15:10
osv
osv
CVE-2022-22116
2022-01-10 16:15:10