
XSS vulnerability patched in Directus data engine platform

Apr 11, 2022 Hi-network.com

A cross-site scripting (XSS) vulnerability has been patched in the popular Directus engine. 

Directus is an open source, modular content management system (CMS) promoted as a "flexible powerhouse for engineers." The platform can be used to wrap SQL databases with GraphQL and REST APIs. 

Directus has achieved 14.9k stars on GitHub and there are approximately 1,700 forks. 

Discovered by Synopsys Cybersecurity Research Center (CyRC) researcher David Johansson, the vulnerability is tracked as CVE-2022-24814 and can lead to account compromise. 

Impacting Directus v9.6.0 and earlier, CVE-2022-24814 was found in the file upload functionality of the CMS. 

"Unauthorized JavaScript can be executed by inserting an iframe into the rich text HTML interface that links to a file uploaded HTML file that loads another uploaded JS file in its script tag," Directus explained. "This satisfies the regular content security policy header, which in turn allows the file to run any arbitrary JS."

According to Synopsys, authenticated users can create a stored XSS attack that triggers when other users try to view "certain" collections or files on the platform. 

A similar issue, tracked as CVE-2022-22116 and CVE-2022-22117, was previously disclosed in the Directus App. However, the mitigation improvements did not go far enough and could be bypassed, the researchers added. 
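The following Python is an added example written from the defender's side, not Directus's own code, covering the two points in the description above: a sanitizer that strips embedding elements such as iframes from stored rich text before it is saved (logging what it dropped), and a check showing why a file served from the application's own origin passes a `'self'`-only Content Security Policy. The upload path and origin in the sample are constructed placeholders, not Directus's real paths.

```python
import html
from html.parser import HTMLParser
from urllib.parse import urlparse

# Elements that can load and execute another document or script from stored rich
# text; the advisory's vector is an <iframe> pointing at an uploaded HTML file.
EMBEDDING_TAGS = {"iframe", "frame", "object", "embed", "script"}

class RichTextSanitizer(HTMLParser):
    """Rebuild a fragment without embedding elements or on* handler attributes,
    recording what was dropped so the rejection can be logged."""
    def __init__(self):
        super().__init__()  # convert_charrefs=True: text arrives unescaped
        self.out, self.dropped, self._skip = [], [], 0
    def _attrs(self, attrs):
        return "".join(f" {k}" if v is None else f' {k}="{html.escape(v)}"'
                       for k, v in attrs if not k.startswith("on"))
    def handle_starttag(self, tag, attrs):
        if tag in EMBEDDING_TAGS:
            a = dict(attrs)
            self.dropped.append((tag, a.get("src") or a.get("data")))
            self._skip += 1  # drop the element and anything nested inside it
        elif not self._skip:
            self.out.append(f"<{tag}{self._attrs(attrs)}>")
    def handle_endtag(self, tag):
        if tag in EMBEDDING_TAGS:
            self._skip = max(self._skip - 1, 0)
        elif not self._skip:
            self.out.append(f"</{tag}>")
    def handle_data(self, data):
        if not self._skip:
            self.out.append(html.escape(data, quote=False))

def sanitize_rich_text(fragment):
    """Return (clean_html, dropped) for a stored rich-text fragment."""
    s = RichTextSanitizer()
    s.feed(fragment)
    s.close()
    return "".join(s.out), s.dropped

def allowed_by_self_csp(url, page_origin):
    """Would a 'self'-only CSP source list permit loading url from page_origin?
    Relative and same-origin URLs pass, so an uploaded file satisfies the policy."""
    u, o = urlparse(url), urlparse(page_origin)
    return (not u.scheme and not u.netloc) or (u.scheme, u.netloc) == (o.scheme, o.netloc)

# Constructed sample; the upload path is a placeholder, not Directus's real one.
SAMPLE = '<p>Notes &amp; <a href="/docs">links</a></p><iframe src="/uploads/example.html"></iframe>'
```

An unclosed embedding element drops everything after it, which is the conservative outcome for untrusted input; a rejected fragment can be refused outright by checking whether `dropped` is non-empty.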


Synopsys disclosed its findings to Directus on January 28. The platform's team triaged the vulnerability and released v3.7.0 on March 18 to resolve the security issue. In addition, Directus tightened a "very permissive" default value for its CORS configuration, which could lead to unauthorized access when the default had not been changed. 

The latest build is v3.9.0. 

"Synopsys would like to commend the Directus team for their responsiveness and for addressing this vulnerability in a timely manner," the company said. 

In related news, VMware published a security advisory on April 6 urging customers to patch software including VMware Workspace ONE Access, Identity Manager (vIDM), and vRealize Automation (vRA) against bugs leading to remote code execution (RCE), among other issues. 
