2 matches found
CVE-2025-53885
Directus is a real-time API and App dashboard for managing SQL database content. Starting in version 9.0.0 and prior to version 11.9.0, when using Directus Flows to handle CRUD events for users it is possible to log the incoming data to console using the "Log to Console" operation and a template...
CVE-2025-53885
Directus Flows logs can disclose sensitive user data via the Log to Console operation. Affected: Directus real-time API/dashboard prior to 11.9.0 (versions 9.0.0–11.8.x). Root cause: logging unfettered input during user create/update events, enabling a malicious admin to view other users’ data. I...