Lucene search
K
Database
Vendors
Products
Timeline
Vulnerabilities
Perimeter Scanner
Scanning
Projects
Scanner
Agent Scanning
API Scanning
Manual Audit
Email
Webhook
Resources
Documents
Blog
Glossary
FAQ
Plugins
Pricing
Contacts
About Us
Partners
Branding Guideline
Settings
Sign in
MonospaceDirectus

2 matches found

CVE
CVEadded 2024/05/14 3:39 p.m.66 views

CVE-2024-34708

Directus is a real-time API and App dashboard for managing SQL database content. A user with permission to view any collection using redacted hashed fields can get access the raw stored version using the alias functionality on the API. Normally, these redacted fields will return ********** however ...

4.9CVSS6.7AI score0.00343EPSS
CVE
CVEadded 2024/05/14 3:39 p.m.65 views

CVE-2024-34709

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 10.11.0, session tokens function like the other JWT tokens where they are not actually invalidated when logging out. The directus_session gets destroyed and the cookie gets deleted but if the cookie value is c...

5.4CVSS5.6AI score0.00166EPSS