CVE-2026-35408

HIGH

8.7

Beschreibung

Directus is a real-time API and App dashboard for managing SQL database content. Prior to 11.17.0, Directus's Single Sign-On (SSO) login pages lacked a Cross-Origin-Opener-Policy (COOP) HTTP response header. Without this header, a malicious cross-origin window that opens the Directus login page retains the ability to access and manipulate the window object of that page. An attacker can exploit this to intercept and redirect the OAuth authorization flow to an attacker-controlled OAuth client, causing the victim to unknowingly grant access to their authentication provider account (e.g. Google, Discord). This vulnerability is fixed in 11.17.0.

CVE Details

CVSS v3.1 Bewertung8.7

SchweregradHIGH

CVSS VektorCVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:N

AngriffsvektorNETWORK

KomplexitatHIGH

Erforderliche PrivilegienNONE

BenutzerinteraktionNONE

Veroffentlicht4/6/2026

Zuletzt geandert4/6/2026

Quellenvd

Honeypot-Sichtungen0

Schwachen (CWE)

CWE-346CWE-693

Referenzen

https://github.com/directus/directus/security/advisories/GHSA-8m32-p958-jg99(security-advisories@github.com)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.