A vulnerability was found in Directus up to 10.9.x. It has been classified as problematic. This affects an unknown part of the file directus/auth/login/google of the component API GET Request Handler. The manipulation of the argument redirect leads to open redirect.
This vulnerability is uniquely identified as CVE-2024-28239. It is possible to initiate the attack remotely. There is no exploit available.
It is recommended to upgrade the affected component.