4 matches found
CVE-2022-26969
In Directus before 9.7.0, the default settings of CORSORIGIN and CORSENABLED are true...
CVE-2022-26969
In Directus before 9.7.0, the default settings of CORSORIGIN and CORSENABLED are true...
CVE-2022-26969
CVE-2022-26969 affects Directus prior to version 9.7.0, where the default settings for CORS_ORIGIN and CORS_ENABLED are true. The Red Hat and NVD entries confirm this issue, with a high-severity CVSS v3.1 base score (9.8, CRITICAL) and a network-based vector (AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H)....
CVE-2022-26969
In Directus before 9.7.0, the default settings of CORSORIGIN and CORSENABLED are true...