Vulnerabilities > Rangerstudio > Directus 7 API > Medium

DATE CVE VULNERABILITY TITLE RISK
2019-07-19 CVE-2019-13981 Forced Browsing vulnerability in Rangerstudio Directus 7 API
In Directus 7 API through 2.3.0, remote attackers can read image files via a direct request for a filename under the uploads/_/originals/ directory.
network
low complexity
rangerstudio CWE-425
5.3
5.3