CVE-2022-23080

In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans.
Configurations

No configuration.

History

22 Jun 2022, 16:15

Type Values Removed Values Added
New CVE

Information

Published : 2022-06-22 16:15

Updated : 2022-06-23 13:18


NVD link : CVE-2022-23080

Mitre link : CVE-2022-23080


JSON object : View

Products Affected

No product.

CWE
CWE-918

Server-Side Request Forgery (SSRF)