A serious security vulnerability in the Directus CMS could have allowed cross-site scripting (XSS) attacks. The vendor patched the bug soon after it was reported and shipped the fix in a subsequent software update.
Directus XSS Vulnerability
According to a recent report from the Synopsys Cybersecurity Research Center (CyRC), its researchers found a cross-site scripting (XSS) flaw in the Directus CMS.
Researcher David Johansson explained that he found a stored XSS vulnerability in the file upload functionality of the Directus platform. As described in the report,
An authenticated user with access to Directus can abuse the file upload functionality to create a stored XSS attack that is automatically executed when other users view certain collections or files within Directus.
In the worst case, if the injected script runs in an administrator's session, the attacker could gain access to Directus data and settings with that administrator's privileges.
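The report does not spell out which file types or rendering path the bypass used, so the following is an added, generic illustration rather than Directus' own code: it shows the pattern behind upload-based stored XSS (a file that the server serves back in a form the browser will render as a document) and the usual defence (treat anything that could be active content as an opaque download, disable MIME sniffing, and sandbox whatever is still viewed inline). The function names, the detection heuristics and the sample uploads are all assumptions constructed for this example.

```javascript
// Added example, not Directus code. Decides how a CMS should serve a user
// upload so that a file carrying markup cannot run as a stored XSS payload
// when another user opens it. Names and heuristics are assumptions.

// MIME types a browser will render as a document that can execute script.
const ACTIVE_MIME_TYPES = new Set([
  'text/html',
  'application/xhtml+xml',
  'image/svg+xml',
  'text/xml',
  'application/xml',
  'text/javascript',
  'application/javascript',
]);

// Extensions browsers or MIME sniffers may treat as markup regardless of
// what the upload form claimed.
const ACTIVE_EXTENSIONS = new Set(['html', 'htm', 'xhtml', 'svg', 'xml', 'js']);

// Look at the leading bytes instead of trusting the declared type: a payload
// can be uploaded as "image/png" while actually containing markup.
function sniffActiveContent(bytes) {
  const head = Buffer.from(bytes).subarray(0, 1024).toString('latin1').toLowerCase();
  return /<\s*(!doctype\s+html|html|script|svg|body|iframe|object|embed)\b/.test(head);
}

function extensionOf(filename) {
  const dot = filename.lastIndexOf('.');
  return dot === -1 ? '' : filename.slice(dot + 1).toLowerCase();
}

// Strip anything that could break out of the Content-Disposition header
// (quotes, CR/LF, path separators) before echoing a user-chosen name.
function safeFilename(filename) {
  return filename.replace(/[^A-Za-z0-9._-]/g, '_');
}

// True if any signal says the file could execute script in a browser.
function isActiveContent({ filename, declaredMime, bytes }) {
  return (
    ACTIVE_MIME_TYPES.has(declaredMime.toLowerCase()) ||
    ACTIVE_EXTENSIONS.has(extensionOf(filename)) ||
    sniffActiveContent(bytes)
  );
}

// Weak: echoes the declared type and lets the browser render the file inline.
// An uploaded HTML or SVG file then executes in the viewer's origin.
function responseHeadersWeak(file) {
  return {
    'Content-Type': file.declaredMime,
    'Content-Disposition': `inline; filename="${safeFilename(file.filename)}"`,
  };
}

// Hardened: anything that could be active is forced to download as opaque
// bytes, sniffing is disabled, and a sandbox CSP applies if it is viewed anyway.
function responseHeadersHardened(file) {
  const active = isActiveContent(file);
  return {
    'Content-Type': active ? 'application/octet-stream' : file.declaredMime,
    'Content-Disposition': `${active ? 'attachment' : 'inline'}; filename="${safeFilename(file.filename)}"`,
    'X-Content-Type-Options': 'nosniff',
    'Content-Security-Policy': "sandbox; default-src 'none'",
  };
}

// Constructed sample uploads for the demonstration (not real Directus data).
const SAMPLES = {
  // Declared as a PNG, but the body is an SVG with an onload handler.
  payload: {
    filename: 'avatar.png',
    declaredMime: 'image/png',
    bytes: Buffer.from('<svg xmlns="http://www.w3.org/2000/svg" onload="alert(document.cookie)"></svg>'),
  },
  // A genuine PNG signature.
  photo: {
    filename: 'photo.png',
    declaredMime: 'image/png',
    bytes: Buffer.from([0x89, 0x50, 0x4e, 0x47, 0x0d, 0x0a, 0x1a, 0x0a]),
  },
};

for (const [name, file] of Object.entries(SAMPLES)) {
  console.log(name, 'active:', isActiveContent(file));
  console.log('  weak     ->', responseHeadersWeak(file));
  console.log('  hardened ->', responseHeadersHardened(file));
}
```

The point of running both samples is that the weak handler serves the disguised SVG with `inline` and whatever type the uploader claimed, which is exactly what a browser needs to execute it in the CMS origin, while the hardened handler still serves the real image inline and only degrades the suspicious file to an attachment. Checking the declared type alone is the kind of filter that tends to get bypassed; combining the declared type, the extension and a look at the bytes, plus `nosniff` and a sandboxing CSP as defence in depth, does not depend on getting any single check right.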
The vulnerability, CVE-2022-24814, has received a medium-severity rating with a CVSS score of 5.4.
The researcher noted that this is not the first such bug. Two earlier vulnerabilities, CVE-2022-22116 and CVE-2022-22117, had already drawn attention, and the vendor fixed them in Directus v9.4.2. However, those patches could be bypassed, so the new vulnerability affected all Directus versions up to and including v9.6.0.
After receiving the bug report for CVE-2022-24814, the vendor fixed the issue again and released the fix in Directus v9.7.0.
That is no longer the latest release: the vendor rolled out Directus v9.8.0 earlier this month. Since every release from v9.7.0 onward includes the patch, Directus users should upgrade to the latest version to get the recent feature and security updates.