Lucene search
K
RangerstudioDirectus

11 matches found

CVE
CVE
added 2022/04/04 5:50 p.m.101 views

CVE-2022-24814

Directus XSS in Rich Text HTML interface: prior to v9.7.0, an iframe that links to an uploaded HTML file can load a second uploaded JS file, bypassing CSP and allowing arbitrary JS execution. Root cause: unsafe handling of embedded JS via WYSIWYG content. Impact: unauthorized JS execution within ...

8.8CVSS6.7AI score0.01018EPSS
CVE
CVE
added 2022/06/22 3:40 p.m.92 views

CVE-2022-23080

Directus CMS: CVE-2022-23080 affects Directus v9.0.0-beta.2 through 9.6.0, enabling SSRF in the media upload flow that lets a low-privilege user perform internal port scans. The connected advisories describe exploit scenarios (e.g., DNS rebinding attempts in file import) and confirm ongoing discu...

5CVSS5.4AI score0.00785EPSS
CVE
CVE
added 2021/04/07 9:31 p.m.74 views

CVE-2021-29641

CVE-2021-29641 affects Directus 8 up to 8.8.2. The vulnerability arises from file-upload permissions that allow uploading a PHP file to the main upload directory and, in a subdirectory, a PHP file plus an .htaccess, enabling remote authenticated code execution. Exploitation is limited to specific...

8.8CVSS8.8AI score0.04867EPSS
Web
CVE
CVE
added 2022/01/10 3:26 p.m.65 views

CVE-2022-22116

Directus Vulnerability: CVE-2022-22116 affects Directus versions 9.0.0-alpha.4 through 9.4.1 with a stored XSS via SVG file uploads in the media upload flow. Root cause: improper handling of SVG uploads allowing injection of arbitrary JavaScript, executed when a victim opens the image URL. Impact...

5.4CVSS5.2AI score0.00633EPSS
CVE
CVE
added 2022/01/10 3:26 p.m.62 views

CVE-2022-22117

Directus contains a Cross-Site Scripting vulnerability in its media upload flow (versions 9.0.0-alpha.4 through 9.4.1) where unrestricted HTML file uploads can be used as a profile avatar. A low-privilege attacker can upload a crafted HTML file, and when an admin or another user opens it, the XSS...

5.4CVSS5.1AI score0.00633EPSS
CVE
CVE
added 2021/02/23 6:57 p.m.52 views

CVE-2021-26593

CVE-2021-26593 affects Directus 8.x–8.8.1, where the API endpoint /users/{id} can disclose extensive user data (email, first name, last name) and the 2FA secret, which can be regenerated. Root cause: exposure via an unauthorized or overly permissive user lookup that returns sensitive fields. Impa...

7.5CVSS7.3AI score0.01381EPSS
Web
CVE
CVE
added 2021/02/23 7:0 p.m.50 views

CVE-2021-26595

CVE-2021-26595 affects Directus 8.x–8.8.1, where the endpoint commonly called at connection time, api-aa, discloses sensitive environment details (CMS version, PHP version, and DBMS name). The issue is that this information disclosure occurs because api-aa is invoked automatically, with the note ...

5.3CVSS5.1AI score0.00702EPSS
CVE
CVE
added 2021/02/23 6:54 p.m.47 views

CVE-2021-27583

Directus 8.x–8.8.1 is affected by a vulnerability where the password reset feature can be leveraged to determine if a given user exists in the database. The issue is confirmed across multiple sources (NVD/Red Hat/OSV/etc.) and is constrained to products no longer supported by the maintainer. The ...

5.3CVSS5.3AI score0.011EPSS
CVE
CVE
added 2021/02/23 6:59 p.m.43 views

CVE-2021-26594

CVE-2021-26594 affects Directus 8.x through 8.8.1, where an attacker can switch to the administrator role via PATCH without backend checks. The vulnerability is limited to products no longer supported by the maintainer. Remediation in public docs advises upgrading to a supported Directus version;...

8.8CVSS8.6AI score0.01165EPSS
CVE
CVE
added 2023/03/06 4:43 p.m.43 views

CVE-2023-27474

Directus (real‑time API and App dashboard for SQL content) has a HTML injection vulnerability in reset URLs when an allow‑listed reset URL is used. The issue arises from query parameters in the reset URL, enabling an attacker to craft emails directing users to the server domain that may include m...

8CVSS6.2AI score0.00531EPSS
CVE
CVE
added 2018/05/05 10:0 p.m.41 views

CVE-2018-10723

Directus 6.4.9 contains a hardcoded admin password for the Admin account caused by an INSERT in api/schema.sql. Multiple sources (CNVD-2018-09196, NVD CVE-2018-10723, OSV, PRION) describe this as an elevation of privilege/vector involving a hardcoded credential, enabling potential administrator a...

9.8CVSS9.5AI score0.01273EPSS