CVE-2024-47822 Directus inserts access token from query string into logs

Directus is a real-time API and App dashboard for managing SQL database content. Access tokens from query strings are not redacted and are potentially exposed in system logs which may be persisted. The access token in req.query is not redacted when the LOGSTYLE is set to raw. If these logs are no...

CVE-2024-47822

creationtimestamp| type| source ---|---|--- 2024-10-08 12:52:21+00:00| published-proof-of-concept| https://github.com/directus/directus/security/advisories/GHSA-vw58-ph65-6rxp 2024-10-08 21:14:13+00:00| seen| https://t.me/cvedetector/7393...