Lucene search

K

MitreCVELIST:CVE-2022-26969

HistoryDec 26, 2022 - 12:00 a.m.

CVE-2022-26969

2022-12-2600:00:00

mitre

www.cve.org

1

directus

cors_origin

cors_enabled

vulnerability

AI Score

9.8

Confidence

High

EPSS

0.002

Percentile

57.7%

In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true.

References

developer.mozilla.org/en-US/docs/Web/HTTP/CORS

github.com/directus/directus/blob/8daed9c41baeaf1d08c1e292bf9f0dcef65e48fb/docs/configuration/config-options.md

github.com/directus/directus/pull/12022

github.com/directus/directus/releases/tag/v9.7.0

security.snyk.io/vuln/SNYK-JS-DIRECTUS-2441822

AI Score

9.8

Confidence

High

EPSS

0.002

Percentile

57.7%

Related for CVELIST:CVE-2022-26969

prion1 github1 nvd1 osv2 veracode1 cve1