CVE-2022-22116
Directus Vulnerability: CVE-2022-22116 affects Directus versions 9.0.0-alpha.4 through 9.4.1 with a stored XSS via SVG file uploads in the media upload flow. Root cause: improper handling of SVG uploads allowing injection of arbitrary JavaScript, executed when a victim opens the image URL. Impact...