CVE-2024-6533
Published 2024-08-15
Priority P4 · 30 · medium · 5.4 (CVSS 3.1)
AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
EPSS: 0.36% (27.6th percentile)
Directus v10.13.0 allows an authenticated external attacker to execute arbitrary JavaScript on the client. This is possible because the application injects an attacker-controlled parameter that will be stored in the server and used by the client into an unsanitized DOM element. When chained with CVE-2024-6534, it could result in account takeover.
Affected (5 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| directus | directus | — | — |
| directus | directus | >= 0 < 10.13.2 | 10.13.2 |
| directus | directus | 0 – 10.13.0 | — |
| monospace | directus | — | — |
| msrc | microsoft_edge | — | — |
CVSS provenance
| Source | Score | Severity | Vector |
|---|---|---|---|
| nvd (v3.1) | 5.4 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N |
| ghsa | 5.4 | MEDIUM | — |
| osv | 5.4 | MEDIUM | — |
| vendor_msrc | 8.8 | HIGH | — |
GHSA
CVE-2024-6534 [MEDIUM] CWE-639 Directus has an insecure object reference via PATH presets
ghsa · 2024-08-27 · CVSS 5.4
### Impact
Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the `POST /presets` request but not in the PATCH request. When chained with [CVE-2024-6533](https://github.com/directus/directus/security/advisories/GHSA-9qrm-48qf-r2rw), it could result in account takeover.
### PoC
To exploit this vulnerability, we need to do the following steps using a non-administrative, default role attacker account.
1. Create a preset for a collec
OSV
CVE-2024-6534 [MEDIUM] Directus has an insecure object reference via PATH presets
osv · 2024-08-27 · CVSS 5.4
GHSA
[MEDIUM] CWE-639 Duplicate Advisory: Improper access control in Directus
ghsa · 2024-08-15 · CVSS 5.4
## Duplicate Advisory
This advisory has been withdrawn because it is a duplicate of GHSA-3fff-gqw3-vj86. This link is maintained to preserve external references.
## Original Description
Directus v10.13.0 allows an authenticated external attacker to modify presets created by the same user to assign them to another user. This is possible because the application only validates the user parameter in the 'POST /presets' request but not in the PATCH request. When chained with CVE-2024-6533, it could result in account takeover.
OSV
[MEDIUM] Duplicate Advisory: Improper access control in Directus
osv · 2024-08-15 · CVSS 5.4
Microsoft
CVE-2024-7535 [HIGH] Chromium: CVE-2024-7536 Use after free in WebAudio
vendor_msrc · 2024-08-13 · CVSS 8.8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.98 | 127.0.6533.99/.100 | 8/8/2024 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see
Microsoft
CVE-2024-7550 [HIGH] Chromium: CVE-2024-7532 Out of bounds memory access in ANGLE
vendor_msrc · 2024-08-13 · CVSS 8.8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.98 | 127.0.6533.99/.100 | 8/8/2024 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How
Microsoft
CVE-2024-7536 [HIGH] Chromium: CVE-2024-7550 Type Confusion in V8
vendor_msrc · 2024-08-13 · CVSS 8.8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.98 | 127.0.6533.99/.100 | 8/8/2024 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the v
Microsoft
CVE-2024-7533 [HIGH] Chromium: CVE-2024-7534 Heap buffer overflow in Layout
vendor_msrc · 2024-08-13 · CVSS 8.8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.98 | 127.0.6533.99/.100 | 8/8/2024 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I
Microsoft
CVE-2024-7534 [HIGH] Chromium: CVE-2024-7535 Inappropriate implementation in V8
vendor_msrc · 2024-08-13 · CVSS 8.8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.98 | 127.0.6533.99/.100 | 8/8/2024 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How c
Microsoft
CVE-2024-38218 [HIGH] CWE-843 Microsoft Edge (HTML-based) Memory Corruption Vulnerability
vendor_msrc · 2024-08-13 · CVSS 8.4
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.98 | 127.0.6533.99/.100 | 8/8/2024 |
FAQ: According to the CVSS metric, the attack vector is local (AV:L). Why does the CVE title indicate that this is a remote code execution?
The word Remote in the title refers to the location of the attacker. This type of exploit is sometimes referred to as Arbitrary Code Execution (ACE). The attack itself is carried out locally. This means an attacker or victim needs to execute code from the local machine to exploit the vulnerability.
Customer Actio
Microsoft
CVE-2024-7532 [HIGH] Chromium: CVE-2024-7533 Use after free in Sharing
vendor_msrc · 2024-08-13 · CVSS 8.8
Description: This CVE was assigned by Chrome. Microsoft Edge (Chromium-based) ingests Chromium, which addresses this vulnerability. Please see Google Chrome Releases for more information.
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.98 | 127.0.6533.99/.100 | 8/8/2024 |
FAQ: Why is this Chrome CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Chromium Open Source Software (OSS) which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see
Microsoft
CVE-2024-39379 [MEDIUM] Microsoft Edge (Chromium-based) Remote Code Execution Vulnerability
vendor_msrc · 2024-07-09 · CVSS 7.0
FAQ: Why is this Adobe CVE included in the Security Update Guide?
The vulnerability assigned to this CVE is in Adobe Software which is consumed by Microsoft Edge (Chromium-based). It is being documented in the Security Update Guide to announce that the latest version of Microsoft Edge (Chromium-based) is no longer vulnerable.
How can I see the version of the browser?
1. In your Microsoft Edge browser, click on the 3 dots (...) on the very right-hand side of the window.
2. Click on Help and Feedback.
3. Click on About Microsoft Edge.
FAQ: What is the version information for this release?
| Microsoft Edge Channel | Microsoft Edge Version | Based on Chromium Version | Date Released |
|---|---|---|---|
| Stable | 127.0.2651.74 | 127.0.6533.73 | 7/11/2024 |
No detection rules found.
No public exploits indexed.
Published: 2024-08-15