Vulnerabilities > Rangerstudio > Directus > 9.5.2
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2023-03-06 | CVE-2023-27474 | Cross-site Scripting vulnerability in Rangerstudio Directus Directus is a real-time API and App dashboard for managing SQL database content. | 5.4 |
2022-06-22 | CVE-2022-23080 | Server-Side Request Forgery (SSRF) vulnerability in Rangerstudio Directus In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans. | 5.0 |