Directus · Directus · CVE-2024-28238
**Name of the Vulnerable Software and Affected Versions**
Directus versions prior to 10.10.0
**Description**
The issue is the inclusion of session tokens in URLs: when a user reaches the "/files" page, a JWT is passed as part of a GET request. This is a security risk because URLs are routinely recorded in places such as web server logs and browser history. An attacker who gains access to those records can hijack an active user session, leading to unauthorized access to sensitive information or to actions performed on behalf of the user.
**Recommendations**
For versions prior to 10.10.0, upgrade to version 10.10.0 to address the issue. As a temporary workaround, consider restricting access to the "/files" page until the upgrade is applied. Avoid passing the JWT in the GET request to the "/files" page until the issue is resolved.
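The description above hinges on the token surviving in web server logs. The following is an added example, not Directus project code, of the defensive check a log pipeline can apply: it finds JWT-shaped values in the query string of logged request URLs and redacts them before the line is stored, and it reports which parameter carried the token so the exposure can be counted. The parameter name `access_token`, the sample token and the access-log lines are constructed for illustration; the advisory does not name the parameter.

```javascript
// Added example (not part of the Directus code base): detect and redact
// JWT-shaped values carried in the query string of logged URLs.
// Runs on Node.js (uses the global Buffer with the 'base64url' encoding).

// Three base64url segments separated by dots; the signature may be empty.
const JWT_SHAPE = /^[A-Za-z0-9_-]+\.[A-Za-z0-9_-]+\.[A-Za-z0-9_-]*$/;

// A value is treated as a JWT when it has the right shape AND its first
// segment decodes to a JSON object (the JOSE header starts with '{').
// This keeps dotted filenames and version strings out of the results.
function looksLikeJwt(value) {
  if (!JWT_SHAPE.test(value)) return false;
  const header = Buffer.from(value.split('.')[0], 'base64url').toString('utf8');
  return header.trimStart().startsWith('{');
}

// Returns { url, leaked }: the URL with token-bearing query values replaced,
// and the names of the parameters that carried a token.
function redactJwtInUrl(rawUrl) {
  const qIndex = rawUrl.indexOf('?');
  if (qIndex === -1) return { url: rawUrl, leaked: [] };
  const path = rawUrl.slice(0, qIndex);
  const params = new URLSearchParams(rawUrl.slice(qIndex + 1));
  // Collect first, then mutate, so iteration order is not disturbed.
  const leaked = [...params].filter(([, v]) => looksLikeJwt(v)).map(([k]) => k);
  if (leaked.length === 0) return { url: rawUrl, leaked };
  for (const name of leaked) params.set(name, 'REDACTED');
  return { url: `${path}?${params.toString()}`, leaked };
}

// Request line inside a combined-format access log entry: "METHOD URL HTTP/x.y".
const REQUEST_RE = /"([A-Z]+) (\S+) (HTTP\/[\d.]+)"/;

// Sanitizes one access-log line; lines without a request field pass through.
function sanitizeLogLine(line) {
  const m = REQUEST_RE.exec(line);
  if (!m) return { line, leaked: [] };
  const { url, leaked } = redactJwtInUrl(m[2]);
  // Function replacer avoids '$' replacement-pattern handling in the URL.
  return { line: line.replace(m[2], () => url), leaked };
}

function sanitizeLog(lines) {
  return lines.map(sanitizeLogLine);
}

// Constructed sample token: header {"alg":"HS256","typ":"JWT"}, payload
// {"sub":"user-1"}, signature is the literal text "signature" (not valid).
const SAMPLE_JWT =
  'eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ1c2VyLTEifQ.c2lnbmF0dXJl';

// Constructed access-log lines; the "access_token" parameter name is assumed.
const SAMPLE_LOG = [
  `10.0.0.5 - - [12/Mar/2024:10:15:01 +0000] "GET /files?access_token=${SAMPLE_JWT} HTTP/1.1" 200 512 "-" "Mozilla/5.0"`,
  `10.0.0.6 - - [12/Mar/2024:10:15:02 +0000] "GET /files?version=1.2.3&name=report.final.pdf HTTP/1.1" 200 128 "-" "curl/8.0"`,
  `10.0.0.7 - - [12/Mar/2024:10:15:03 +0000] "POST /auth/login HTTP/1.1" 200 64 "-" "Mozilla/5.0"`,
];

if (typeof require !== 'undefined' && require.main === module) {
  for (const { line, leaked } of sanitizeLog(SAMPLE_LOG)) {
    if (leaked.length) console.log(`token leaked via query parameter(s): ${leaked.join(', ')}`);
    console.log(line);
  }
}
```

Redacting logs only limits the window in which an already-written token can be reused; it does not stop the token from being sent in the URL in the first place, so it complements the upgrade and the access restriction above rather than replacing them. The header decode step is what separates a real token from dotted values such as `1.2.3` or `report.final.pdf`, which match the shape but not the content.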