Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
directus - SSRF which leads to internal port scan
Vulnerability Description
In directus versions v9.0.0-beta.2 through 9.6.0 are vulnerable to server-side request forgery (SSRF) in the media upload functionality which allows a low privileged user to perform internal network port scans.
CVSS Information
N/A
Vulnerability Type
服务端请求伪造(SSRF)
Vulnerability Title
Directus 代码问题漏洞
Vulnerability Description
Directus是一个实时 Api 和应用程序仪表板。用于管理 Sql 数据库内容。 Directus v9.0.0-beta.2版本至9.6.0版本存在代码问题漏洞,该漏洞源于媒体上传功能中存在服务器端请求伪造 (SSRF) 漏洞。攻击者利用该漏洞执行内部网络端口扫描。
CVSS Information
N/A
Vulnerability Type
N/A