PT-2024-26122 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.11.0 Description: A user with permission to view any collection using redacted hashed fields can access the raw stored version using the alias functionality on the API. Normally, these redacted fields return , bu...
@angular-devkit/build-angular (>=17.1.0-next.1 <=18.0.0-next.1), @directus/api (>=15.0.0 <=19.0.2) +25 more potentially affected by CVE-2024-30260 via undici (>=6.0.1 <=6.10.2)
undici NPM version =6.0.1, =17.1.0-next.1, =15.0.0, =10.0.15, =1.0.7, =18.0.0-next.3, =18.0.0-next.3, =1.0.0-alpha.22, =1.0.0-alpha.22, =1.0.0-alpha.22, =1.0.5, =1.0.6 and more Source cves: CVE-2024-30260 Source advisory: OSV:GHSA-M4V8-WQVR-P9F7...
An application-layer vulnerability in Directus, the real-time content management system for SQL databases, related to the use of incorrect alias names, allows attackers to bypass the password protection of arbitrary users.
An application-layer vulnerability in Directus, the real-time content management system for SQL databases, is related to the use of names with incorrect references. Exploiting this vulnerability could allow a remote attacker to reset the password of an arbitrary user...
Sensitive Query Strings In GET Request
directus is vulnerable to the Use of a GET Request Method With Sensitive Query Strings. The vulnerability is due to the inclusion of session tokens in URLs, which are often logged in various places, posing a security risk. Attackers gaining access to these logs may hijack active user sessions,...
CVE-2024-28239
Directus is a real-time API and App dashboard for managing SQL database content. The authentication API has a redirect parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL. There's a redirect that is done after successful login via the Auth...
CVE-2024-28238
Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places e.g., web server logs, browser history. Attackers...
Open redirect
Directus is a real-time API and App dashboard for managing SQL database content. The authentication API has a redirect parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL. There's a redirect that is done after successful login via the Auth...
Cross-site request forgery (CSRF)
Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places e.g., web server logs, browser history. Attackers...
Session Token in URL in directus
Impact When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places e.g., web server logs, browser history. Attackers gaining access to these logs may hijack active user sessions, leading to...
CVE-2024-28238
CVE-2024-28238 concerns Directus, where a session token (JWT) is sent via GET on the /files page. This exposes tokens to logs (web servers, browser history), enabling potential session hijacking and unauthorized actions if an attacker accesses those logs. Public sources in the connected documents...
CVE-2024-28238 Session Token in URL in directus
Directus is a real-time API and App dashboard for managing SQL database content. When reaching the /files page, a JWT is passed via GET request. Inclusion of session tokens in URLs poses a security risk as URLs are often logged in various places e.g., web server logs, browser history. Attackers...
CVE-2024-28239 URL Redirection to Untrusted Site in OAuth2/OpenID in directus
Directus is a real-time API and App dashboard for managing SQL database content. The authentication API has a redirect parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL. There's a redirect that is done after successful login via the Auth...
CVE-2024-28239
CVE-2024-28239 affects Directus. The authentication API’s redirect parameter can be exploited to perform an open redirect during login (e.g., redirect to http://malicious-fishing-site.com after OAuth2 login). This can enable phishing by steering users to a forged error page while using a legitima...
Directus Input Validation Error Vulnerability
Directus is a real-time API and application dashboard used to manage SQL database content. An input validation error vulnerability exists in Directus 10.10.0 and earlier versions; it stems from an input validation error that can be exploited by an attacker ...
Directus Security Vulnerabilities
Directus is a real-time API and application dashboard used to manage SQL database content. A security vulnerability exists in Directus version 10.10.0 and earlier, originating in the /files page, which allows a JWT to be passed via a GET request...
PT-2024-22353 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions prior to 10.10.0 Description: The issue concerns the inclusion of session tokens in URLs, specifically when reaching the "/files" page, where a JWT is passed via GET request. This poses a security risk as URLs are often logg...