CVE-2022-23080
Published
CVSS v3
5
MEDIUM
CVSS v2
4
MEDIUM
Affected
1
PROJECT
Description
In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans.
The flexible backend for all your projects 🐰 Turn your DB into a headless CMS, admin panels, or apps with a custom UI, instant APIs, auth & more.
GitHub