Vulnerability details: VCID-u121-7x5t-3fcg
Vulnerability ID: VCID-u121-7x5t-3fcg
Aliases: CVE-2023-27474, GHSA-4hmq-ggrm-qfc6
Summary: Directus is a real-time API and App dashboard for managing SQL database content. Instances relying on an allow-listed reset URL are vulnerable to an HTML injection attack through the use of query parameters in the reset URL. An attacker could exploit this to email users URLs on the server's domain that may contain malicious code. The problem has been resolved and released under version 9.23.0. People relying on a custom password reset URL should upgrade to 9.23.0 or later, or remove the custom reset URL from the configured allow list. Users are advised to upgrade. Users unable to upgrade may disable the custom reset URL allow list as a workaround.
Status: Published
Exploitability: 0.5
Weighted Severity: 8.0
Risk: 4.0
Weaknesses (3)
System Score Found at
epss 0.00828 https://api.first.org/data/v1/epss?cve=CVE-2023-27474
cvssv3.1_qr HIGH https://github.com/advisories/GHSA-4hmq-ggrm-qfc6
cvssv3.1 7.5 https://github.com/directus/directus
generic_textual HIGH https://github.com/directus/directus
cvssv3.1 7.5 https://github.com/directus/directus/issues/17119
cvssv3.1 8 https://github.com/directus/directus/issues/17119
generic_textual HIGH https://github.com/directus/directus/issues/17119
ssvc Track https://github.com/directus/directus/issues/17119
cvssv3.1 7.5 https://github.com/directus/directus/pull/17120
cvssv3.1 8 https://github.com/directus/directus/pull/17120
generic_textual HIGH https://github.com/directus/directus/pull/17120
ssvc Track https://github.com/directus/directus/pull/17120
cvssv3.1 7.5 https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
cvssv3.1 8 https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
cvssv3.1_qr HIGH https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
generic_textual HIGH https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
ssvc Track https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
cvssv3.1 7.5 https://nvd.nist.gov/vuln/detail/CVE-2023-27474
generic_textual HIGH https://nvd.nist.gov/vuln/detail/CVE-2023-27474
No exploits are available.
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/directus/directus
Attack Vector (AV): network; Attack Complexity (AC): low; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/directus/directus/issues/17119
Attack Vector (AV): network; Attack Complexity (AC): low; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://github.com/directus/directus/issues/17119
Attack Vector (AV): network; Attack Complexity (AC): high; Privileges Required (PR): none; User Interaction (UI): required; Scope (S): changed; Confidentiality Impact (C): high; Integrity Impact (I): high; Availability Impact (A): none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/ Found at https://github.com/directus/directus/issues/17119
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/directus/directus/pull/17120
Attack Vector (AV): network; Attack Complexity (AC): low; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://github.com/directus/directus/pull/17120
Attack Vector (AV): network; Attack Complexity (AC): high; Privileges Required (PR): none; User Interaction (UI): required; Scope (S): changed; Confidentiality Impact (C): high; Integrity Impact (I): high; Availability Impact (A): none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/ Found at https://github.com/directus/directus/pull/17120
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
Attack Vector (AV): network; Attack Complexity (AC): low; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): none

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:N Found at https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
Attack Vector (AV): network; Attack Complexity (AC): high; Privileges Required (PR): none; User Interaction (UI): required; Scope (S): changed; Confidentiality Impact (C): high; Integrity Impact (I): high; Availability Impact (A): none

Vector: SSVCv2/E:N/A:N/T:T/P:M/B:A/M:M/D:T/2025-02-25T14:29:56Z/ Found at https://github.com/directus/directus/security/advisories/GHSA-4hmq-ggrm-qfc6
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-27474
Attack Vector (AV): network; Attack Complexity (AC): low; Privileges Required (PR): none; User Interaction (UI): none; Scope (S): unchanged; Confidentiality Impact (C): none; Integrity Impact (I): high; Availability Impact (A): none

Exploit Prediction Scoring System (EPSS)
Percentile: 0.74955
EPSS Score: 0.00828
Published At: June 11, 2026, 12:55 p.m.
Date Actor Action Source VulnerableCode Version
2026-06-11T17:27:47.275236+00:00 Vulnrichment Import https://github.com/cisagov/vulnrichment/blob/develop/2023/27xxx/CVE-2023-27474.json 38.6.0