CVE-2019-13984

Posted on by admin

CVE-2019-13984

Directus 7 API before 2.3.0 does not validate uploaded files. Regardless of the file extension or MIME type, there is a direct link to each uploaded file, accessible by unauthenticated users, as demonstrated by the EICAR Anti-Virus Test File.

Source: CVE-2019-13984

답글 남기기

이메일 주소는 공개되지 않습니다. 필수 필드는 *로 표시됩니다