CVE-2024-39701 | Directus up to 10.5.x _in/_nin access control (GHSA-hxgm-ghmv-xjjm)

Inserito da Angelo Barbosa | Lug 8, 2024 | CVE

A vulnerability was found in Directus up to 10.5.x and classified as problematic. This issue affects the function _in/_nin. The manipulation leads to improper access controls.

The identification of this vulnerability is CVE-2024-39701. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-39701 | Directus up to 10.5.x _in/_nin access control (GHSA-hxgm-ghmv-xjjm)

Post correlati

CVE-2024-37633 | TOTOLINK A3700R 9.1.2u.6165_20211012 setWiFiGuestCfg ssid stack-based overflow

CVE-2024-6061 | GPAC 2.5-DEV-rev228-g11067ea92-master MP4Box isoffin_read.c isoffin_process infinite loop (Issue 2871)

CVE-2024-6680 | witmy my-springsecurity-plus up to 2024-07-04 /api/dept/build params.dataScope sql injection (IAAH8A)

CVE-2024-6633 | Fortra FileCatalyst Workflow up to 5.1.6 Build 139 HSQL Database information disclosure