A vulnerability classified as problematic was found in Directus up to 10.9.x. Affected by this vulnerability is an unknown functionality of the file /files. The manipulation leads to use of get request method with sensitive query strings.
This vulnerability is known as CVE-2024-28238. It is possible to launch the attack on the local host. There is no exploit available.
It is recommended to upgrade the affected component.