CVE-2019-13983

Publication date

2019-07-19 14:17:42

Family

mitre

State

PUBLISHED

Description

Directus 7 API before 2.2.2 has insufficient anti-automation, as demonstrated by lack of a CAPTCHA in core/Directus/Services/AuthService.php and endpoints/Auth.php.