📦 Directus
by Monospace
🔍 What is Directus?
Description coming soon...
🛡️ Security Overview
⚠️ Known Vulnerabilities
This vulnerability allows unauthenticated attackers to modify existing files with arbitrary content or upload new files with arbitrary content and extensions in Directus. The modified files won't refl...
This vulnerability in Directus exposes sensitive data including environmental variables, API keys, and user information when a Flow with a Webhook trigger encounters a ValidationError. Attackers can e...
This vulnerability in Directus allows unauthenticated users to perform any CRUD operations or subscribe to data changes with full admin privileges when websocket authentication is set to 'public'. It ...
This vulnerability in Directus allows attackers to hijack password reset emails by using email addresses with accented characters that MySQL/MariaDB treat as identical to the victim's email address. A...
This timing-based user enumeration vulnerability in Directus allows attackers to determine whether specific usernames/emails exist in the system by measuring response time differences in password rese...
An open redirect vulnerability in Directus SAML authentication allows attackers to redirect users to malicious external websites after authentication. This affects all Directus instances using SAML au...
A stored cross-site scripting (XSS) vulnerability in Directus allows authenticated users with file upload and edit permissions to inject malicious JavaScript through the Block Editor interface. Attack...
This vulnerability in Directus allows authenticated users with read permissions to detect matches in concealed/sensitive fields through search functionality, enabling enumeration attacks. While actual...
This CVE describes an information disclosure vulnerability in Directus where unauthorized users can determine whether specific database collections exist by observing different error messages. Attacke...
A permission inheritance vulnerability in Directus allows stale field-level permissions to persist after field deletion. When a deleted field's name is reused for a new field, the new field inherits o...
This vulnerability in Directus logs sensitive authentication tokens when using WebHook triggers in Flows, exposing access and refresh tokens in system logs. Malicious administrators with log access ca...
Directus versions 9.12.0 through 11.8.0 have an authentication bypass vulnerability in manual trigger Flows. Attackers can execute Flows without proper permissions, potentially performing unauthorized...
This vulnerability in Directus allows authenticated users to enumerate database field contents they shouldn't have permission to view. By exploiting the search parameter, attackers can infer values fr...
This vulnerability in Directus's S3 storage driver allows attackers to cause denial of service for all assets by sending multiple malformed transformation requests. When exploited, all assets become u...
This vulnerability in Directus allows users with overlapping update permissions to modify fields they shouldn't have access to. When multiple policies grant access to different fields under different ...
This vulnerability in Directus allows users with typical permissions to specify arbitrary roles when sharing items, potentially granting access to fields they shouldn't see. It affects instances using...
CVE-2024-54128 is an HTML injection vulnerability in Directus's comment feature due to client-side filtering that can be bypassed. This allows attackers to inject malicious HTML content that could lea...
Directus systems with LOG_STYLE set to 'raw' expose access tokens in query strings within system logs. Attackers with log access can steal these tokens to gain administrative control, leading to unaut...
This vulnerability in Directus allows attackers to bypass localhost access restrictions by using alternative loopback IP addresses like 127.0.0.2 instead of just 127.0.0.1. This affects Directus insta...
CVE-2024-6533 is a stored cross-site scripting (XSS) vulnerability in Directus v10.13.0 that allows authenticated attackers to inject malicious JavaScript into the application. This affects all users ...
This vulnerability in Directus allows broken access control when using _in or _nin operators with empty arrays. Attackers can bypass intended permission checks, potentially accessing unauthorized data...
This CVE describes a Server-Side Request Forgery (SSRF) vulnerability in Directus that allows attackers to bypass DNS resolution protections via HTTP redirects. It enables blind SSRF attacks against i...
This vulnerability in Directus allows users with permission to view collections containing redacted hashed fields to bypass redaction and access the plaintext values using the alias parameter in API r...