Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a CAPTCHA in core/Directus/Services/AuthService.php and endpoints/Auth.php.
{ "versions": [ { "introduced": "0" }, { "fixed": "2.2.2" } ] }
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2019-13983.json"