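In Directus, versions 9.0.0-alpha.4 through 9.4.1 allow unrestricted upload of .html files in the media upload functionality, which leads to a stored Cross-Site Scripting (XSS) vulnerability. A low-privileged attacker can upload a crafted HTML file as a profile avatar, and when an admin or another user opens it, the XSS payload is triggered in that user's browser. Note that the machine-readable ranges below do not mirror this prose range exactly (they include events introduced at "0" and at "9.0.1"), so check an installed version against both the range stated here and the listed events.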
{
"versions": [
{
"introduced": "9.0.1"
},
{
"last_affected": "9.4.1"
},
{
"introduced": "0"
},
{
"last_affected": "9.0.0-NA"
}
]
}[
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha16"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha19"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha20"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha21"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha22"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha23"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha24"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha25"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha26"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha27"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha31"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha32"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha33"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha34"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha35"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha36"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha37"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha38"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha39"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha40"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha41"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha42"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-alpha9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-beta9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc0"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc1"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc10"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc100"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc101"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc11"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc12"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc13"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc14"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc15"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc17"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc18"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc19"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc2"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc20"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc21"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc22"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc23"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc24"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc25"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc26"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc27"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc28"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc29"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc3"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc30"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc31"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc32"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc33"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc34"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc35"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc36"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc37"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc38"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc39"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc4"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc40"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc41"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc42"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc43"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc44"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc45"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc46"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc47"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc48"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc49"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc5"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc50"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc51"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc52"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc53"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc54"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc55"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc56"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc57"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc58"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc59"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc6"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc60"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc61"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc62"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc63"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc64"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc65"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc66"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc67"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc68"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc69"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc7"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc70"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc71"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc72"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc73"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc74"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc75"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc76"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc77"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc78"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc79"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc8"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc80"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc81"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc82"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc83"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc84"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc85"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc86"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc87"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc88"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc89"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc9"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc90"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc91"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc92"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc93"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc94"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc95"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc96"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc97"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc98"
}
]
},
{
"events": [
{
"introduced": "0"
},
{
"last_affected": "9.0.0-rc99"
}
]
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-22117.json"