CVE-2022-26969
Published
CVSS v3
9.8
CRITICAL
CVSS v2
N/A
Affected
1
PROJECT
Description
In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true.
The flexible backend for all your projects 🐰 Turn your DB into a headless CMS, admin panels, or apps with a custom UI, instant APIs, auth & more.
GitHub