CVE-2024-34708 | Directus up to 10.10.x API alias text information disclosure

Inserito da Angelo Barbosa | Mag 13, 2024 | CVE

A vulnerability was found in Directus up to 10.10.x. It has been rated as problematic. Affected by this issue is the function alias of the component API. The manipulation of the argument text leads to information disclosure.

This vulnerability is handled as CVE-2024-34708. The attack may be launched remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-34708 | Directus up to 10.10.x API alias text information disclosure

Post correlati

CVE-2024-5294 | D-Link DIR-3040 120B03 prog.cgi websSecurityHandler memory leak (ZDI-24-445)

CVE-2023-47527 | Sajjad Hossain Sagor WP Edit Username Plugin up to 1.0.5 on WordPress cross site scripting

CVE-2024-7820 | ILC Thickbox Plugin up to 1.0 on WordPress Setting cross-site request forgery

CVE-2024-45436 | Ollama up to 0.1.46 model.go extractFromZipFile