CNNVD-202507-1907 Information

CNNVD ID

CNNVD-202507-1907

Related CVE

CVE-2025-53886

• CNNVD Published: 2025-07-14

Description (Chinese)

Directus是Directus开源的一个实时 Api 和应用程序仪表板。用于管理 Sql 数据库内容。 Directus 9.0.0至11.9.0之前版本存在安全漏洞，该漏洞源于WebHook触发记录敏感数据，可能导致会话劫持。

Description (English)

Directus is a real-time Api and application dashboard from Directus open source. To manage Sql database content. The pre-Directus 9.0.0 to 11.9.0 security loophole, which originated from WebHook triggers the recording of sensitive data, could lead to a session hijacking.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Directus

Published

2025-07-14

Last Modified

2026-02-24

References

https://nvd.nist.gov/vuln/detail/CVE-2025-53886 https://access.redhat.com/security/cve/cve-2025-53886

Patch

https://github.com/directus/directus/releases