In Directus, versions 9.0.0-alpha.4 up to and including 9.4.1 allow unrestricted file upload of .html files in the media upload functionality, which leads to Cross-Site Scripting vulnerability. A low privileged attacker can upload a crafted HTML file as a profile avatar, and when an admin or another user opens it, the XSS payload gets triggered.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
rangerstudio directus 9.0.0 |
||
rangerstudio directus |