CVE-2025-24353 | Directus up to 11.1.x privileges management (GHSA-pmf4-v838-29hg)

Inserito da Angelo Barbosa | Gen 23, 2025 | CVE

A vulnerability classified as critical has been found in Directus up to 11.1.x. Affected is an unknown function. The manipulation leads to improper privilege management.

This vulnerability is traded as CVE-2025-24353. It is possible to launch the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2025-24353 | Directus up to 11.1.x privileges management (GHSA-pmf4-v838-29hg)

Post correlati

CVE-2024-28537 | Tenda AC18 15.03.05.05 fromNatStaticSetting page stack-based overflow

CVE-2024-47481 | Dell Data Lakehouse 1.0.0.0/1.1.0.0 access control (dsa-2024-419)

CVE-2024-27126 | QNAP Notes Station 3 prior 3.9.6 cross site scripting (qsa-24-21)

CVE-2024-0494 | Kashipara Billing Software 1.0 HTTP POST Request material_bill.php itemtypeid sql injection