12Mar
CVE-2024-28238 | Directus up to 10.9.x /files get request method with sensitive query strings (GHSA-2ccr-g2rv-h677)
A vulnerability classified as problematic was found in Directus up to 10.9.x. Affected by this vulnerability is an unknown functionality of the file /files. The manipulation leads to use of get request method with sensitive query strings. This vulnerability is known as CVE-2024-28238. It is possible to launch the attack on the local host. There is no exploit available. It is recommended to upgrade the affected component.