Serious XSS Vulnerability Found In Directus Open Data Platform

A serious security vulnerability existed in the Directus CMS that could allow XSS attacks. The vendors patched the bug soon after it came to their attention and released the fix in a subsequent software update.

Directus XSS Vulnerability

According to a recent report from Synopsys Cybersecurity Research Center (CyRC), its researchers found a cross-site scripting (XSS) flaw in the Directus CMS.

Specifically, the Directus Open Data Platform is an open-source headless CMS that facilitates database management. The JavaScript-based software lets the users view and manage data and content without hassle.

Regarding the vulnerability, the researcher David Johansson explained that he caught a stored XSS vulnerability in the file upload functionality of the Directus platform. As described,

An authenticated user with access to Directus can abuse the file upload functionality to create a stored XSS attack that is automatically executed when other users view certain collections or files within Directus.

In the worst case, an adversary who succeeded in compromising an admin through this flaw could even gain access to Directus data and settings.
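The pattern described above (an authenticated user stores a file, and the stored content later runs in the browser of another user who views the file or its collection entry) is what the hardening below addresses. This is an added illustration written for this page, not Directus code, and it does not reproduce the specific vector of CVE-2022-24814, which the article does not detail; the header policy, the `ACTIVE_CONTENT` list and the sample upload record are all constructed here.

```javascript
// Added example (not Directus code): defensive handling of user uploads in a
// headless CMS so that stored file content cannot execute as script when
// another user later views the file or the collection that lists it.

// Media types a browser will render as active content if served inline.
// Constructed list for this example; a real deployment tunes it to its needs.
const ACTIVE_CONTENT = new Set([
  'text/html', 'application/xhtml+xml', 'image/svg+xml',
  'text/xml', 'application/xml', 'text/javascript', 'application/javascript',
]);

// Decide how a stored upload is served back. Anything that could carry script
// is forced to download, every response forbids MIME sniffing, and a locked
// down CSP keeps inline rendering from running script even if it is shown.
function uploadResponseHeaders(storedType, filename) {
  const type = String(storedType || '').split(';')[0].trim().toLowerCase();
  // Filenames are untrusted too: keep only a conservative character set.
  const safeName = String(filename).replace(/[^A-Za-z0-9._-]/g, '_');
  const headers = {
    'X-Content-Type-Options': 'nosniff',
    'Content-Security-Policy': "default-src 'none'; sandbox",
    'Content-Type': type || 'application/octet-stream',
  };
  headers['Content-Disposition'] =
    ACTIVE_CONTENT.has(type) || !type
      ? `attachment; filename="${safeName}"`
      : `inline; filename="${safeName}"`;
  return headers;
}

// File metadata (title, description, filename) is attacker controlled and is
// rendered inside collection views, so it must be escaped as text, not markup.
function escapeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#39;' };
  return String(value).replace(/[&<>"']/g, (c) => map[c]);
}

// Constructed sample upload record (not taken from the article).
const sampleUpload = {
  filename: 'Q4 <summary>.svg',
  type: 'image/svg+xml; charset=utf-8',
  title: '"Quarterly" <b>numbers</b>',
};

console.log(uploadResponseHeaders(sampleUpload.type, sampleUpload.filename));
console.log(`<td>${escapeHtml(sampleUpload.title)}</td>`);
```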

The vulnerability, CVE-2022-24814, has received a medium-severity rating with a CVSS score of 5.4.

The researcher explained that this bug is not the first of its kind: two earlier vulnerabilities, CVE-2022-22116 and CVE-2022-22117, had already drawn attention, and the vendors fixed them in software version 9.4.2. However, those patches could be bypassed, so the vulnerability affected all Directus versions up to and including v9.6.0.

Nonetheless, upon receiving the bug report for CVE-2022-24814, the vendors worked to fix the issue again and released the fix in Directus v9.7.0.

This is not the latest version, as the vendors rolled out Directus v9.8.0 earlier this month. Since all releases from v9.7.0 onward include the patch, Directus users should upgrade to the latest version to stay current with all recent feature and security updates.

Let us know your thoughts in the comments.
