Количество 2
Количество 2
CVE-2021-26594
In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability only affects products that are no longer supported by the maintainer
GHSA-jp93-grh7-mxh4
** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability only affects products that are no longer supported by the maintainer.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2021-26594 In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability only affects products that are no longer supported by the maintainer | CVSS3: 8.8 | 0% Низкий | почти 5 лет назад |
| GHSA-jp93-grh7-mxh4 ** UNSUPPORTED WHEN ASSIGNED ** In Directus 8.x through 8.8.1, an attacker can switch to the administrator role (via the PATCH method) without any control by the back end. NOTE: This vulnerability only affects products that are no longer supported by the maintainer. | CVSS3: 8.8 | 0% Низкий | больше 3 лет назад |
Уязвимостей на страницу