CVE-2023-28443

Posted on 2023년 3월 24일2023년 3월 24일 by admin

CVE-2023-28443

Directus is a real-time API and App dashboard for managing SQL database content. Prior to version 9.23.3, the `directus_refresh_token` is not redacted properly from the log outputs and can be used to impersonate users without their permission. This issue is patched in version 9.23.3.

Source: CVE-2023-28443

답글 남기기 응답 취소