2 matches found
CVE-2024-28239 URL Redirection to Untrusted Site in OAuth2/OpenID in directus
Directus is a real-time API and App dashboard for managing SQL database content. The authentication API has a redirect parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL. There's a redirect that is done after successful login via the Auth...
CVE-2024-28239 URL Redirection to Untrusted Site in OAuth2/OpenID in directus
Directus is a real-time API and App dashboard for managing SQL database content. The authentication API has a redirect parameter that can be exploited as an open redirect vulnerability as the user tries to log in via the API URL. There's a redirect that is done after successful login via the Auth...