Vulnerability Database

CVE-2022-22116

Directus versions 9.0.0-alpha.4 through 9.4.1 are vulnerable to stored Cross-Site Scripting (XSS) via SVG file upload in the media upload functionality. A low-privileged attacker can inject arbitrary JavaScript code, which is executed in a victim's browser when they open the image URL.

  • Published: Jan 10, 2022
  • Updated: May 4, 2025
  • CVE: CVE-2022-22116
  • Severity: Low
  • Exploit:

CVSS v2:

  • Severity: Low
  • Score: 3.5
  • Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Affected software (columns: Software, From, Fixed in):
rangerstudio / directus 9.0.0-rc74 9.0.0-rc74.x
rangerstudio / directus 9.0.0-rc75 9.0.0-rc75.x
rangerstudio / directus 9.0.0-rc76 9.0.0-rc76.x
rangerstudio / directus 9.0.0-rc77 9.0.0-rc77.x
rangerstudio / directus 9.0.0-rc78 9.0.0-rc78.x
rangerstudio / directus 9.0.0-rc79 9.0.0-rc79.x
rangerstudio / directus 9.0.0-rc80 9.0.0-rc80.x
rangerstudio / directus 9.0.0-rc81 9.0.0-rc81.x
rangerstudio / directus 9.0.0-rc82 9.0.0-rc82.x
rangerstudio / directus 9.0.0-rc83 9.0.0-rc83.x
rangerstudio / directus 9.0.0-rc84 9.0.0-rc84.x
rangerstudio / directus 9.0.0-rc85 9.0.0-rc85.x
rangerstudio / directus 9.0.0-rc86 9.0.0-rc86.x
rangerstudio / directus 9.0.0-rc87 9.0.0-rc87.x
rangerstudio / directus 9.0.0-rc88 9.0.0-rc88.x
rangerstudio / directus 9.0.0-rc89 9.0.0-rc89.x
rangerstudio / directus 9.0.0-rc90 9.0.0-rc90.x
rangerstudio / directus 9.0.0-rc91 9.0.0-rc91.x
rangerstudio / directus 9.0.0-rc92 9.0.0-rc92.x
rangerstudio / directus 9.0.0-rc93 9.0.0-rc93.x
rangerstudio / directus 9.0.0-rc94 9.0.0-rc94.x
rangerstudio / directus 9.0.0-rc95 9.0.0-rc95.x
rangerstudio / directus 9.0.0-rc96 9.0.0-rc96.x
rangerstudio / directus 9.0.0-rc97 9.0.0-rc97.x
rangerstudio / directus 9.0.0-rc98 9.0.0-rc98.x
rangerstudio / directus 9.0.0-rc99 9.0.0-rc99.x
rangerstudio / directus 9.0.0-rc100 9.0.0-rc100.x
rangerstudio / directus 9.0.0-rc101 9.0.0-rc101.x
rangerstudio / directus 9.0.0 9.0.0.x
rangerstudio / directus 9.0.0-alpha10 9.0.0-alpha10.x
rangerstudio / directus 9.0.0-alpha11 9.0.0-alpha11.x
rangerstudio / directus 9.0.0-alpha12 9.0.0-alpha12.x
rangerstudio / directus 9.0.0-alpha13 9.0.0-alpha13.x
rangerstudio / directus 9.0.0-alpha14 9.0.0-alpha14.x
rangerstudio / directus 9.0.0-alpha15 9.0.0-alpha15.x
rangerstudio / directus 9.0.0-alpha16 9.0.0-alpha16.x
rangerstudio / directus 9.0.0-alpha17 9.0.0-alpha17.x
rangerstudio / directus 9.0.0-alpha18 9.0.0-alpha18.x
rangerstudio / directus 9.0.0-alpha19 9.0.0-alpha19.x
rangerstudio / directus 9.0.0-alpha20 9.0.0-alpha20.x
rangerstudio / directus 9.0.0-alpha21 9.0.0-alpha21.x
rangerstudio / directus 9.0.0-alpha22 9.0.0-alpha22.x
rangerstudio / directus 9.0.0-alpha23 9.0.0-alpha23.x
rangerstudio / directus 9.0.0-alpha24 9.0.0-alpha24.x
rangerstudio / directus 9.0.0-alpha25 9.0.0-alpha25.x
rangerstudio / directus 9.0.0-alpha26 9.0.0-alpha26.x
rangerstudio / directus 9.0.0-alpha27 9.0.0-alpha27.x
rangerstudio / directus 9.0.0-alpha31 9.0.0-alpha31.x
rangerstudio / directus 9.0.0-alpha32 9.0.0-alpha32.x
rangerstudio / directus 9.0.0-alpha33 9.0.0-alpha33.x
rangerstudio / directus 9.0.0-alpha34 9.0.0-alpha34.x
rangerstudio / directus 9.0.0-alpha35 9.0.0-alpha35.x
rangerstudio / directus 9.0.0-alpha36 9.0.0-alpha36.x
rangerstudio / directus 9.0.0-alpha37 9.0.0-alpha37.x
rangerstudio / directus 9.0.0-alpha38 9.0.0-alpha38.x
rangerstudio / directus 9.0.0-alpha39 9.0.0-alpha39.x
rangerstudio / directus 9.0.0-alpha4 9.0.0-alpha4.x
rangerstudio / directus 9.0.0-alpha40 9.0.0-alpha40.x
rangerstudio / directus 9.0.0-alpha41 9.0.0-alpha41.x
rangerstudio / directus 9.0.0-alpha42 9.0.0-alpha42.x
rangerstudio / directus 9.0.0-alpha5 9.0.0-alpha5.x
rangerstudio / directus 9.0.0-alpha6 9.0.0-alpha6.x
rangerstudio / directus 9.0.0-alpha7 9.0.0-alpha7.x
rangerstudio / directus 9.0.0-alpha8 9.0.0-alpha8.x
rangerstudio / directus 9.0.0-alpha9 9.0.0-alpha9.x
rangerstudio / directus 9.0.0-beta0 9.0.0-beta0.x
rangerstudio / directus 9.0.0-beta1 9.0.0-beta1.x
rangerstudio / directus 9.0.0-beta10 9.0.0-beta10.x
rangerstudio / directus 9.0.0-beta11 9.0.0-beta11.x
rangerstudio / directus 9.0.0-beta12 9.0.0-beta12.x
rangerstudio / directus 9.0.0-beta13 9.0.0-beta13.x
rangerstudio / directus 9.0.0-beta14 9.0.0-beta14.x
rangerstudio / directus 9.0.0-beta2 9.0.0-beta2.x
rangerstudio / directus 9.0.0-beta3 9.0.0-beta3.x
rangerstudio / directus 9.0.0-beta4 9.0.0-beta4.x
rangerstudio / directus 9.0.0-beta5 9.0.0-beta5.x
rangerstudio / directus 9.0.0-beta7 9.0.0-beta7.x
rangerstudio / directus 9.0.0-beta8 9.0.0-beta8.x
rangerstudio / directus 9.0.0-beta9 9.0.0-beta9.x
rangerstudio / directus 9.0.0-rc0 9.0.0-rc0.x
rangerstudio / directus 9.0.0-rc1 9.0.0-rc1.x
rangerstudio / directus 9.0.0-rc10 9.0.0-rc10.x
rangerstudio / directus 9.0.0-rc11 9.0.0-rc11.x
rangerstudio / directus 9.0.0-rc12 9.0.0-rc12.x
rangerstudio / directus 9.0.0-rc13 9.0.0-rc13.x
rangerstudio / directus 9.0.0-rc14 9.0.0-rc14.x
rangerstudio / directus 9.0.0-rc15 9.0.0-rc15.x
rangerstudio / directus 9.0.0-rc17 9.0.0-rc17.x
rangerstudio / directus 9.0.0-rc18 9.0.0-rc18.x
rangerstudio / directus 9.0.0-rc19 9.0.0-rc19.x
rangerstudio / directus 9.0.0-rc2 9.0.0-rc2.x
rangerstudio / directus 9.0.0-rc20 9.0.0-rc20.x
rangerstudio / directus 9.0.0-rc21 9.0.0-rc21.x
rangerstudio / directus 9.0.0-rc22 9.0.0-rc22.x
rangerstudio / directus 9.0.0-rc23 9.0.0-rc23.x
rangerstudio / directus 9.0.0-rc24 9.0.0-rc24.x
rangerstudio / directus 9.0.0-rc25 9.0.0-rc25.x
rangerstudio / directus 9.0.0-rc26 9.0.0-rc26.x
rangerstudio / directus 9.0.0-rc27 9.0.0-rc27.x
rangerstudio / directus 9.0.0-rc28 9.0.0-rc28.x
rangerstudio / directus 9.0.0-rc29 9.0.0-rc29.x
rangerstudio / directus 9.0.0-rc3 9.0.0-rc3.x
rangerstudio / directus 9.0.0-rc30 9.0.0-rc30.x
rangerstudio / directus 9.0.0-rc31 9.0.0-rc31.x
rangerstudio / directus 9.0.0-rc32 9.0.0-rc32.x
rangerstudio / directus 9.0.0-rc33 9.0.0-rc33.x
rangerstudio / directus 9.0.0-rc34 9.0.0-rc34.x
rangerstudio / directus 9.0.0-rc35 9.0.0-rc35.x
rangerstudio / directus 9.0.0-rc36 9.0.0-rc36.x
rangerstudio / directus 9.0.0-rc37 9.0.0-rc37.x
rangerstudio / directus 9.0.0-rc38 9.0.0-rc38.x
rangerstudio / directus 9.0.0-rc39 9.0.0-rc39.x
rangerstudio / directus 9.0.0-rc4 9.0.0-rc4.x
rangerstudio / directus 9.0.0-rc40 9.0.0-rc40.x
rangerstudio / directus 9.0.0-rc41 9.0.0-rc41.x
rangerstudio / directus 9.0.0-rc42 9.0.0-rc42.x
rangerstudio / directus 9.0.0-rc43 9.0.0-rc43.x
rangerstudio / directus 9.0.0-rc44 9.0.0-rc44.x
rangerstudio / directus 9.0.0-rc45 9.0.0-rc45.x
rangerstudio / directus 9.0.0-rc46 9.0.0-rc46.x
rangerstudio / directus 9.0.0-rc47 9.0.0-rc47.x
rangerstudio / directus 9.0.0-rc48 9.0.0-rc48.x
rangerstudio / directus 9.0.0-rc49 9.0.0-rc49.x
rangerstudio / directus 9.0.0-rc5 9.0.0-rc5.x
rangerstudio / directus 9.0.0-rc50 9.0.0-rc50.x
rangerstudio / directus 9.0.0-rc51 9.0.0-rc51.x
rangerstudio / directus 9.0.0-rc52 9.0.0-rc52.x
rangerstudio / directus 9.0.0-rc53 9.0.0-rc53.x
rangerstudio / directus 9.0.0-rc54 9.0.0-rc54.x
rangerstudio / directus 9.0.0-rc55 9.0.0-rc55.x
rangerstudio / directus 9.0.0-rc56 9.0.0-rc56.x
rangerstudio / directus 9.0.0-rc57 9.0.0-rc57.x
rangerstudio / directus 9.0.0-rc58 9.0.0-rc58.x
rangerstudio / directus 9.0.0-rc59 9.0.0-rc59.x
rangerstudio / directus 9.0.0-rc6 9.0.0-rc6.x
rangerstudio / directus 9.0.0-rc60 9.0.0-rc60.x
rangerstudio / directus 9.0.0-rc61 9.0.0-rc61.x
rangerstudio / directus 9.0.0-rc62 9.0.0-rc62.x
rangerstudio / directus 9.0.0-rc63 9.0.0-rc63.x
rangerstudio / directus 9.0.0-rc64 9.0.0-rc64.x
rangerstudio / directus 9.0.0-rc65 9.0.0-rc65.x
rangerstudio / directus 9.0.0-rc66 9.0.0-rc66.x
rangerstudio / directus 9.0.0-rc67 9.0.0-rc67.x
rangerstudio / directus 9.0.0-rc68 9.0.0-rc68.x
rangerstudio / directus 9.0.0-rc69 9.0.0-rc69.x
rangerstudio / directus 9.0.0-rc7 9.0.0-rc7.x
rangerstudio / directus 9.0.0-rc70 9.0.0-rc70.x
rangerstudio / directus 9.0.0-rc71 9.0.0-rc71.x
rangerstudio / directus 9.0.0-rc72 9.0.0-rc72.x
rangerstudio / directus 9.0.0-rc73 9.0.0-rc73.x
rangerstudio / directus 9.0.0-rc8 9.0.0-rc8.x
rangerstudio / directus 9.0.0-rc9 9.0.0-rc9.x
rangerstudio / directus 9.0.1 9.4.1.x