Directus allows unauthenticated file upload and file modification due to lacking input sanitization
Summary A vulnerability exists in the file update mechanism which allows an unauthenticated actor to modify existing files with arbitrary contents without changes being applied to the files' database-resident metadata and / or upload new files, with arbitrary content and extensions, which won't...