PT-2023-26483 · Directus · Directus
Name of the Vulnerable Software and Affected Versions: Directus versions 10.3.0 through 10.4.x Description: The issue concerns the improper checking of permission filters when using GraphQL subscriptions, resulting in unauthorized users receiving events they should not have access to. This affect...