Lucene search
China National Vulnerability DatabaseCNVD-2022-81371HistoryApr 07, 2022 - 12:00 a.m.
Directus Cross-Site Scripting Vulnerability (CNVD-2022-81371)
2022-04-0700:00:00
China National Vulnerability Database
www.cnvd.org.cn
10
directus
cross-site scripting
vulnerability
sql database
data validation
filtering
javascript code
EPSS
0.001
Percentile
35.1%
Directus is a live Api and application dashboard. Used to manage Sql database content, a cross-site scripting vulnerability existed prior to Directus version 9.7.0, which stems from the program’s lack of data validation filtering of user-supplied data and output. An attacker could exploit this vulnerability to execute JavaScript code on the client side.
Related
cvelist
cvelist
CVE-2022-24814 Cross-site Scripting in Directus
2022-04-04 17:50:11
prion
prion
Design/Logic Flaw
2022-04-04 18:15:00
nvd
nvd
CVE-2022-24814
2022-04-04 18:15:08
github
github
osv
osv
CVE-2022-24814
2022-04-04 18:15:08
cve
cve
CVE-2022-24814
2022-04-04 18:15:08
veracode
veracode
Cross-Site Scripting (XSS)
2022-04-05 12:08:46