Vulnerabilities > Monospace > Directus > 10.13.0

DATE CVE VULNERABILITY TITLE RISK
2024-10-08 CVE-2024-47822 Information Exposure Through Log Files vulnerability in Monospace Directus
Directus is a real-time API and App dashboard for managing SQL database content.
local
low complexity
monospace CWE-532
4.2
4.2
2024-08-15 CVE-2024-6534 Authorization Bypass Through User-Controlled Key vulnerability in Monospace Directus 10.13.0
Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user.
network
low complexity
monospace CWE-639
4.3
4.3
2024-08-15 CVE-2024-6533 Cross-site Scripting vulnerability in Monospace Directus 10.13.0
Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client.
network
low complexity
monospace CWE-79
5.4
5.4