CVE-2023-27474

HIGH7.5EPSS 0.83%

directus vulnerable to HTML Injection in Password Reset email to custom Reset URL

發布日:2023/3/7修改日:2023/11/8

描述

### Impact Instances relying on an allow-listed reset URL are vulnerable to an HTML injection attack through the use of query parameters in the reset URL. ### Patches The problem has been resolved and released under version 9.23.0. People relying on a custom password reset URL should upgrade to 9.23.0 or later, or remove the custom reset url from the configured allow list. ### Workarounds Disable the custom reset URL allow list.

受影響套件(1)

npm/directusfrom 0, < 9.23.0

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

參考連結(5)

ADVISORYhttps://nvd.nist.gov/vuln/detail/CVE-2023-27474
PATCHhttps://github.com/directus/directus
WEBhttps://github.com/directus/directus/issues/17119
WEBhttps://github.com/directus/directus/pull/17120
WEBhttps://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6