Directus is a live Api and application dashboard. Used to manage Sql database content, a cross-site scripting vulnerability existed prior to Directus version 9.7.0, which stems from the program’s lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.