CVE-2024-27295 | Directus up to 10.8.2 Password Reset name resolution

Posted by Angelo Barbosa | Mar 1, 2024 | CVE

A vulnerability, which was classified as critical, has been found in Directus up to 10.8.2. This issue affects some unknown processing of the component Password Reset Handler. The manipulation leads to incorrectly-resolved name.

The identification of this vulnerability is CVE-2024-27295. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-27295 | Directus up to 10.8.2 Password Reset name resolution

Related Posts

CVE-2024-33694 | Meks ThemeForest Smart Widget Plugin up to 1.5 on WordPress cross site scripting

CVE-2023-7065 | Stop Spammers Security Plugin up to 2024.4 on WordPress sfs_process cross-site request forgery

CVE-2024-20069 | MediaTek MT8797 Modem downgrade (MOLY01286330)

CVE-2024-4535 | KKProgressbar2 Free Plugin up to 1.1.4.2 on WordPress cross-site request forgery