836 matches found
GHSA-QF6H-P3MR-VMH5 Duplicate Advisory: Code injection in Directus
Duplicate Advisory This advisory has been withdrawn because it is a duplicate of GHSA-9qrm-48qf-r2rw. This link is maintained to preserve external references. Original Description Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is...
CVE-2024-6533
Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application injects an attacker-controlled parameter that will be stored in the server and used by the client into an unsanitized DOM element. When chained with...
CVE-2024-6534 Directus 10.13.0 - Insecure object reference via PATCH presets
Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with...
CVE-2024-6534
CVE-2024-6534 affects Directus v10.13.0. An authenticated external attacker can modify presets created by the same user to assign them to another user due to insufficient validation of the user parameter in PATCH /presets (only POST /presets is validated). This vulnerability, when chained with CV...
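The CVE-2024-6534 entries above describe the same ownership rule being enforced on POST /presets but not on the PATCH request. The following is an added illustration (not Directus source code): an in-memory presets service that reproduces that asymmetry beside an update handler that applies the create-time rule on both paths. The store shape, the field names and the actor/body objects are assumptions made for the example.

```javascript
// Added illustration, not Directus source: an in-memory "presets" service that
// reproduces the CVE-2024-6534 pattern (ownership of the `user` field is
// enforced on create but not on update) beside a hardened update that applies
// the same rule on both paths. Store shape and field names are assumptions.

const WRITABLE_FIELDS = ['collection', 'layout', 'layout_options'];

function newStore() {
  return { presets: new Map(), nextId: 1 };
}

// POST /presets: a caller may only create presets owned by themselves.
function createPreset(store, actor, body) {
  if (body.user !== undefined && body.user !== actor.id) {
    throw new Error('FORBIDDEN: cannot create a preset for another user');
  }
  const preset = { id: store.nextId++, user: actor.id };
  for (const f of WRITABLE_FIELDS) if (body[f] !== undefined) preset[f] = body[f];
  store.presets.set(preset.id, preset);
  return preset;
}

function loadOwnPreset(store, actor, id) {
  const preset = store.presets.get(id);
  if (!preset || preset.user !== actor.id) throw new Error('FORBIDDEN: not your preset');
  return preset;
}

// Vulnerable PATCH /presets/:id: checks that the caller owns the preset, then
// accepts `user` from the body, so the preset (and whatever layout_options it
// carries) can be handed to any other account.
function updatePresetVulnerable(store, actor, id, body) {
  const preset = loadOwnPreset(store, actor, id);
  for (const f of [...WRITABLE_FIELDS, 'user']) if (body[f] !== undefined) preset[f] = body[f];
  return preset;
}

// Hardened PATCH: the create-time ownership rule is reused, and `user` is never
// copied from the request body.
function updatePresetHardened(store, actor, id, body) {
  const preset = loadOwnPreset(store, actor, id);
  if (body.user !== undefined && body.user !== actor.id) {
    throw new Error('FORBIDDEN: cannot reassign a preset to another user');
  }
  for (const f of WRITABLE_FIELDS) if (body[f] !== undefined) preset[f] = body[f];
  return preset;
}

// Walk both paths with a constructed attacker ("alice") targeting "bob".
function demo() {
  const alice = { id: 'alice' };
  const attack = { user: 'bob', layout_options: { note: 'attacker-controlled value' } };

  const s1 = newStore();
  const p1 = createPreset(s1, alice, { collection: 'articles' });
  const vulnerableOwner = updatePresetVulnerable(s1, alice, p1.id, attack).user;

  const s2 = newStore();
  const p2 = createPreset(s2, alice, { collection: 'articles' });
  let hardenedError = null;
  try { updatePresetHardened(s2, alice, p2.id, attack); } catch (e) { hardenedError = e.message; }

  return { vulnerableOwner, hardenedError, hardenedOwner: s2.presets.get(p2.id).user };
}
```

The point of the hardened version is that the ownership check lives in one place and the `user` column is derived from the authenticated session on every write path, so a later route (PATCH, batch update, import) cannot reintroduce the gap by forgetting a check.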
CVE-2024-6533 Directus 10.13.0 - DOM-Based cross-site scripting (XSS) via layout_options
Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application injects an attacker-controlled parameter that will be stored in the server and used by the client into an unsanitized DOM element. When chained with...
CVE-2024-6533
Directus 10.13.0 is affected by a DOM-based XSS flaw where an authenticated attacker can inject and store an attacker-controlled value that is rendered into an unsanitized DOM element on the client. The issue stems from how a parameter is stored on the server and later used by the client, enablin...
Directus cross-site scripting vulnerability
Directus is a real-time API and application dashboard from Directus Open Source, used to manage SQL database content. A cross-site scripting vulnerability exists in Directus version 10.13.0 that originates from allowing an authenticated external attacker to execute arbitrary JavaScript on t...
PT-2024-37695 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus version 10.13.0 Description: The issue allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application injects an attacker-controlled parameter into an unsanitized DOM...
Directus security vulnerability
Directus is a real-time API and application dashboard open-sourced by Directus, used to manage SQL database content. A security vulnerability exists in Directus version 10.13.0 that originates from allowing an authenticated external attacker to modify a preset created by the same user in...
@angular-devkit/build-angular (>=18.0.0 <=18.1.0-next.2), @angular/build (>=18.0.0 <=18.1.0-next.2) +64 more potentially affected by CVE-2024-38372 via undici (>=6.14.1 <=6.19.1)
undici NPM version =6.14.1, =18.0.0, =18.0.0, =1.2.0, =0.1.0, =2.1.0, =2.3.0, =1.1.1, =19.1.0, =10.0.20, =1.0.12, =2.1.1-dev.1717589072-346d1be72, =2.4.0-dev.1717589083-346d1be72, =2.4.0-dev.1724328261-ec9080b88 - @draftbot/discord.js =14.15.3 - @draftbot/rest =2.3.0 and more Source cves:...
Denial Of Service (DoS)
Directus is vulnerable to Denial of Service (DoS). The vulnerability is due to field duplication in GraphQL: an attacker can overwhelm the server by requesting the same field many times in a single query, leading to excessive resource consumption and denial of service for legitimate users...
Sensitive Information Disclosure
directus is vulnerable to Sensitive Information Disclosure. The vulnerability is due to improper error handling when using SSO providers in combination with local authentication. An attacker can determine if an email address belongs to an SSO user by observing the error message provided by...
Improper Access Control
directus is vulnerable to Improper Access Control. The vulnerability is due to improper handling of in and nin operators, which allows an attacker to query expressions with empty arrays, which are evaluated as valid, resulting in unauthorized access...
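The entry above says that in and nin expressions with empty arrays were "evaluated as valid". One way to read that is that an empty array was treated as imposing no constraint, so a permission filter that should have matched nothing matched every row. The following is an added illustration (not Directus source code) of that failure mode in a toy filter evaluator, beside the corrected semantics; the row shape, field names and permission rule are constructed for the example.

```javascript
// Added illustration, not Directus source: a toy in-memory filter evaluator
// that shows how treating an empty `_in` / `_nin` array as "no constraint"
// turns a permission filter into a read bypass, beside the corrected
// semantics. Row shape, field names and the permission rule are assumptions.

// Constructed sample rows, each owned by a different account.
const SAMPLE_ROWS = [
  { id: 1, owner: 'alice', title: 'alice private' },
  { id: 2, owner: 'bob', title: 'bob private' },
  { id: 3, owner: 'carol', title: 'carol private' },
];

// Vulnerable operator semantics: an empty array is accepted as "valid" and
// imposes no constraint, so `_in: []` matches every row.
function evalOperatorVulnerable(op, value, arg) {
  switch (op) {
    case '_eq': return value === arg;
    case '_in':
    case '_nin':
      if (!Array.isArray(arg) || arg.length === 0) return true; // BUG: empty list => allow
      return op === '_in' ? arg.includes(value) : !arg.includes(value);
    default: throw new Error(`unsupported operator ${op}`);
  }
}

// Corrected semantics: `_in: []` matches nothing, `_nin: []` matches everything
// (nothing is excluded), and a non-array argument is rejected outright.
function evalOperatorHardened(op, value, arg) {
  switch (op) {
    case '_eq': return value === arg;
    case '_in':
    case '_nin': {
      if (!Array.isArray(arg)) throw new Error(`${op} requires an array`);
      const member = arg.includes(value);
      return op === '_in' ? member : !member;
    }
    default: throw new Error(`unsupported operator ${op}`);
  }
}

// Apply a Directus-style filter object ({ field: { _op: arg } }) to rows,
// AND-ing all fields and all operators.
function applyFilter(rows, filter, evalOperator) {
  return rows.filter((row) =>
    Object.entries(filter).every(([field, cond]) =>
      Object.entries(cond).every(([op, arg]) => evalOperator(op, row[field], arg))));
}

// A read permission that allows rows whose owner is on the caller's allow-list.
// For this caller the list happens to be empty (no groups, no shares), which is
// exactly the case that must resolve to "see nothing".
const EMPTY_ALLOW_LIST = { owner: { _in: [] } };
const EMPTY_DENY_LIST = { owner: { _nin: [] } };

function visibleIds(filter, evalOperator, rows = SAMPLE_ROWS) {
  return applyFilter(rows, filter, evalOperator).map((r) => r.id);
}
```

The same rule has to hold when the filter is compiled to SQL rather than evaluated in memory: `_in: []` should become a constant-false predicate (and `_nin: []` a constant-true one), never be dropped from the WHERE clause.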
Server Side Request Forgery (SSRF)
Directus is vulnerable to Server-Side Request Forgery (SSRF). The vulnerability is caused by insecure redirects during file imports from external sources: the URL reached after redirection is not validated, which allows an attacker to send crafted requests to internal IP addresses, resulting in SSRF...
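The entry above is the classic redirect-based SSRF: the submitted URL is checked, but the server then follows a redirect to an address it would never have accepted directly. The following is an added illustration (not Directus source code) of an import-from-URL routine that re-validates the target of every hop, beside the weak pattern that validates only the first URL. The HTTP client and DNS resolver are injected so it runs offline; the response table and address table in `demo()` are constructed.

```javascript
// Added illustration, not Directus source: an import-from-URL routine that
// validates the target of every hop of a redirect chain, beside the weak
// pattern that validates only the URL the user submitted. `request` and
// `resolve` are injected so the example runs offline; fixtures are constructed.

// Address ranges that a server-side fetch should never reach.
const BLOCKED_V4 = [
  ['0.0.0.0', 8], ['10.0.0.0', 8], ['100.64.0.0', 10], ['127.0.0.0', 8],
  ['169.254.0.0', 16], ['172.16.0.0', 12], ['192.168.0.0', 16], ['224.0.0.0', 3],
];

// Strict dotted-decimal parse; returns an unsigned 32-bit integer or null.
// (WHATWG URL already canonicalises forms like 0x7f000001 or 127.1 to dotted
// decimal, so anything that is not four octets here is treated as a hostname.)
function parseIPv4(s) {
  const m = /^(\d{1,3})\.(\d{1,3})\.(\d{1,3})\.(\d{1,3})$/.exec(s);
  if (!m) return null;
  const parts = m.slice(1).map(Number);
  if (parts.some((p) => p > 255)) return null;
  return ((parts[0] << 24) | (parts[1] << 16) | (parts[2] << 8) | parts[3]) >>> 0;
}

function inCidr(ip, base, bits) {
  const mask = bits === 0 ? 0 : (0xffffffff << (32 - bits)) >>> 0;
  return ((ip & mask) >>> 0) === ((parseIPv4(base) & mask) >>> 0);
}

function isBlockedAddress(addr) {
  const a = addr.toLowerCase();
  const v4 = parseIPv4(a);
  if (v4 !== null) return BLOCKED_V4.some(([base, bits]) => inCidr(v4, base, bits));
  if (a.includes(':')) {
    // Loopback, unspecified, IPv4-mapped (simplified: refuse all of ::ffff:),
    // unique-local fc00::/7 and link-local fe80::/10.
    return a === '::1' || a === '::' || a.startsWith('::ffff:') || /^f[cd]/.test(a) || /^fe[89ab]/.test(a);
  }
  return true; // not a usable address literal: refuse rather than guess
}

// Resolve the hostname (IP literals resolve to themselves) and refuse the
// request if any returned address is blocked. Returns the vetted addresses.
function assertAllowedTarget(url, resolve) {
  if (url.protocol !== 'http:' && url.protocol !== 'https:') throw new Error(`blocked scheme ${url.protocol}`);
  const host = url.hostname.replace(/^\[|\]$/g, '').toLowerCase();
  if (host === 'localhost' || host.endsWith('.localhost')) throw new Error('blocked host localhost');
  const literal = parseIPv4(host) !== null || host.includes(':');
  const addrs = literal ? [host] : resolve(host);
  if (addrs.length === 0) throw new Error(`cannot resolve ${host}`);
  for (const a of addrs) if (isBlockedAddress(a)) throw new Error(`blocked address ${a} for ${host}`);
  return addrs;
}

const REDIRECT = new Set([301, 302, 303, 307, 308]);

// `request(href)` must NOT follow redirects itself (fetch(..., { redirect: 'manual' })
// in real code) and returns { status, location?, body? }.
function importFromUrl(startUrl, { request, resolve, maxRedirects = 5, revalidateHops }) {
  let url = new URL(startUrl);
  assertAllowedTarget(url, resolve);
  for (let hop = 0; hop <= maxRedirects; hop++) {
    const res = request(url.href);
    if (!REDIRECT.has(res.status)) return { finalUrl: url.href, status: res.status, body: res.body };
    if (!res.location) throw new Error('redirect without Location');
    url = new URL(res.location, url); // a relative Location resolves against the current URL
    if (revalidateHops) assertAllowedTarget(url, resolve);
  }
  throw new Error('too many redirects');
}

// Weak: the submitted URL is vetted once, then redirects are followed blindly.
function importFromUrlVulnerable(startUrl, deps) {
  return importFromUrl(startUrl, { ...deps, revalidateHops: false });
}
// Hardened: every hop is vetted before it is requested.
function importFromUrlHardened(startUrl, deps) {
  return importFromUrl(startUrl, { ...deps, revalidateHops: true });
}

// Constructed offline fixtures: a public file host that redirects to the cloud
// metadata address, plus a resolver table for the public host.
function demo() {
  const responses = {
    'https://files.example.com/report.pdf': { status: 302, location: 'http://169.254.169.254/latest/meta-data/' },
    'http://169.254.169.254/latest/meta-data/': { status: 200, body: 'instance credentials' },
  };
  const deps = {
    request: (href) => responses[href] ?? { status: 404 },
    resolve: (host) => ({ 'files.example.com': ['203.0.113.10'] })[host] ?? [],
  };
  const vulnerable = importFromUrlVulnerable('https://files.example.com/report.pdf', deps);
  let hardenedError = null;
  try { importFromUrlHardened('https://files.example.com/report.pdf', deps); } catch (e) { hardenedError = e.message; }
  return { vulnerableBody: vulnerable.body, hardenedError };
}
```

Two caveats a practitioner would add in production: the socket must actually connect to one of the addresses that `assertAllowedTarget` vetted (pin the resolved IP or reuse the lookup result), otherwise a second DNS lookup at connect time reopens the hole via rebinding; and the hop limit and a response-size limit are as much part of the control as the address list.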
GHSA-JGF4-VWC3-R46V Directus Allows Single Sign-On User Enumeration
Impact When relying on SSO providers in combination with local authentication it can be possible to enumerate existing SSO users in the instance. This is possible because if an email address exists in Directus and belongs to a known SSO provider then it will throw a "helpful" error that the user...