Directus up to 8.8.1 Upload Directory unrestricted upload

entryeditHistoryDiffjsonxmlCTI

A vulnerability, which was classified as critical, was found in Directus up to 8.8.1. Affected is an unknown functionality of the component Upload Directory Handler. Upgrading to version 8.8.2 eliminates this vulnerability.

User

Field

Commit Conf

Approve Conf

IDCommitedUserFieldChangeRemarksModeratedReasonC
1111779904/08/2021VulD...price_0day$0-$5ksee documentation04/08/2021accepted90
1111779804/08/2021VulD...cvss3_meta_tempscore6.3see documentation04/08/2021accepted90
1111779704/08/2021VulD...cvss3_meta_basescore6.3see documentation04/08/2021accepted90
1111779604/08/2021VulD...cvss3_vuldb_tempscore6.304/08/2021accepted90
1111779504/08/2021VulD...cvss3_vuldb_basescore6.304/08/2021accepted90
1111779404/08/2021VulD...cvss2_vuldb_tempscore6.004/08/2021accepted90
1111779304/08/2021VulD...cvss2_vuldb_basescore6.004/08/2021accepted90
1111779204/08/2021VulD...cvss3_vuldb_eXderived from historical data04/08/2021accepted80
1111779104/08/2021VulD...cvss3_vuldb_sUderived from historical data04/08/2021accepted80
1111779004/08/2021VulD...cvss3_vuldb_acLderived from historical data04/08/2021accepted80
1111778904/08/2021VulD...cvss2_vuldb_eNDderived from historical data04/08/2021accepted80
1111778804/08/2021VulD...cvss2_vuldb_auSderived from historical data04/08/2021accepted80
1111778704/08/2021VulD...cvss2_vuldb_acMderived from historical data04/08/2021accepted80
1111778604/08/2021VulD...cvss2_vuldb_rlOFderived from vuldb v3 vector04/08/2021accepted80
1111778504/08/2021VulD...cvss2_vuldb_rcCderived from vuldb v3 vector04/08/2021accepted80
1111778404/08/2021VulD...cvss2_vuldb_aiPderived from vuldb v3 vector04/08/2021accepted80
1111778304/08/2021VulD...cvss2_vuldb_iiPderived from vuldb v3 vector04/08/2021accepted80
1111778204/08/2021VulD...cvss2_vuldb_ciPderived from vuldb v3 vector04/08/2021accepted80
1111778104/08/2021VulD...cvss2_vuldb_avNderived from vuldb v3 vector04/08/2021accepted80
1111778004/08/2021VulD...date1617832800 (04/08/2021)04/08/2021accepted90

Do you want to use VulDB in your project?

Use the official API to access entries easily!