VYPR
Critical severityNVD Advisory· Published Dec 26, 2022· Updated Apr 14, 2025

CVE-2022-26969

CVE-2022-26969

Description

In Directus before 9.7.0, the default settings of CORS_ORIGIN and CORS_ENABLED are true.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected packages

Versions sourced from the GitHub Security Advisory.

PackageAffected versionsPatched versions
directusnpm
< 9.7.09.7.0

Affected products

2

Patches

Vulnerability mechanics

References

8

News mentions

0

No linked articles in our index yet.