Key vulnerability information extracted from the advisory page:

Vulnerability Details
- Vulnerability Type: Stored Cross-Site Scripting (XSS)
- Risk Rating: Moderate
- Vulnerability ID: GHSA-vv2v-pw69-8crf
- CVE Identifier: CVE-2025-64747
- Related Weakness: CWE-20 (Improper Input Validation)

Affected and Fixed Versions
- Affected Versions: directus < 11.13.0
- Fixed Version: 11.13.0

Vulnerability Description
- A stored XSS vulnerability exists that allows users holding the "upload files" and "edit items" permissions to inject malicious JavaScript through the block editor interface.
- Attackers can bypass Content Security Policy (CSP) restrictions by combining a file upload with an iframe attribute, leading to persistent XSS execution.
- The root cause is inadequate input validation in the block editor interface when it processes JSON content containing HTML elements.

Attack Vector
- JavaScript File Upload: the attacker uses the file interface to upload a malicious JavaScript file and obtains an accessible file ID within the assets directory.
- Block Editor Exploitation: through the block editor's JSON field, the attacker injects raw HTML containing an iframe attribute that references the uploaded file.
- CSP Bypass: the iframe creates a new document context in which the uploaded script is loaded, circumventing the existing CSP protections.

Vulnerability Impact
- Persistent XSS: malicious scripts execute every time the infected content is viewed.
- Session Hijacking: attackers can steal the authentication tokens and cookies of users viewing the infected content.
- Administrator Privilege Abuse: if an administrator views the infected content, their elevated privileges may be abused.
- CSP Bypass: demonstrates a failure of the security controls and may undermine other protective measures.
- Data Exfiltration: enables theft of sensitive information displayed within the application.
- Phishing Attacks: injection of convincing fake login forms or malicious redirects.
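The root cause above is that HTML carried inside block-editor JSON was stored without validation. The following is an added example of the kind of allow-list validation a defender would put in front of such a field; it is not Directus code and does not reflect the fix shipped in 11.13.0. It assumes an Editor.js-style document shape (`{"blocks": [{"type": ..., "data": {...}}]}`) in which "raw" blocks carry an `html` field and "paragraph"/"header" blocks carry a `text` field; those field names and the sample content are constructed for the example. Embedded-document elements (iframe, object, embed), scripts, event-handler attributes and `javascript:` URLs are dropped, and every removal is recorded so the API can log it or reject the whole write instead of silently rewriting it.

```python
"""Allow-list sanitizer for block-editor JSON (added example, not Directus code)."""
import copy
import re
from html import escape
from html.parser import HTMLParser

# Assumed block-type -> field-name mapping for fields that carry HTML.
HTML_FIELDS = {"raw": "html", "paragraph": "text", "header": "text"}

ALLOWED_TAGS = {"p", "b", "i", "em", "strong", "a", "ul", "ol", "li", "br",
                "code", "pre", "blockquote", "h1", "h2", "h3"}
ALLOWED_ATTRS = {"a": {"href", "title"}}
VOID_TAGS = {"br"}
SAFE_HREF_PREFIXES = ("http://", "https://", "mailto:", "/", "#")
# Elements whose whole subtree is discarded, not just the tag: these can
# create a new document context or run script, which is what the advisory
# describes as the CSP bypass.
DROP_WITH_CONTENT = {"script", "style", "iframe", "object", "embed", "svg",
                     "math", "template"}


class HTMLSanitizer(HTMLParser):
    def __init__(self):
        super().__init__(convert_charrefs=True)
        self.out = []        # sanitized output fragments
        self.stack = []      # open allowed tags, so output stays balanced
        self.drop_depth = 0  # >0 while inside a DROP_WITH_CONTENT subtree
        self.removed = []    # audit trail of everything stripped

    def _clean_attrs(self, tag, attrs):
        kept = []
        for name, value in attrs:
            value = value or ""
            if name.startswith("on") or name not in ALLOWED_ATTRS.get(tag, set()):
                self.removed.append(f"{tag}[{name}]")
                continue
            if name == "href":
                # Browsers ignore whitespace inside the scheme, so strip it
                # before checking; this also rejects javascript: and data:.
                probe = re.sub(r"\s", "", value).lower()
                if not probe.startswith(SAFE_HREF_PREFIXES):
                    self.removed.append(f"{tag}[{name}]")
                    continue
            kept.append(f' {name}="{escape(value, quote=True)}"')
        return "".join(kept)

    def handle_starttag(self, tag, attrs):
        if tag in DROP_WITH_CONTENT:
            self.removed.append(tag)
            self.drop_depth += 1
            return
        if self.drop_depth or tag not in ALLOWED_TAGS:
            return  # unknown tags are dropped, their text content is kept
        self.out.append(f"<{tag}{self._clean_attrs(tag, attrs)}>")
        if tag not in VOID_TAGS:
            self.stack.append(tag)

    def handle_endtag(self, tag):
        if tag in DROP_WITH_CONTENT:
            if self.drop_depth:
                self.drop_depth -= 1
            return
        if self.drop_depth or tag in VOID_TAGS or tag not in self.stack:
            return
        while True:  # close any allowed tags left open inside this one
            open_tag = self.stack.pop()
            self.out.append(f"</{open_tag}>")
            if open_tag == tag:
                break

    def handle_data(self, data):
        if not self.drop_depth:
            self.out.append(escape(data))  # text is re-escaped, never raw


def sanitize_html(html):
    """Return (clean_html, removed_items). An unclosed dropped element
    discards the rest of the input, i.e. the sanitizer fails closed."""
    parser = HTMLSanitizer()
    parser.feed(html)
    parser.close()
    while parser.stack:
        parser.out.append(f"</{parser.stack.pop()}>")
    return "".join(parser.out), parser.removed


def sanitize_blocks(doc):
    """Sanitize every HTML-bearing field of an Editor.js-style document.
    Returns (clean_doc, removed_items); a non-empty removed list is the
    signal to reject the write or raise an alert rather than store it."""
    clean = copy.deepcopy(doc)
    removed = []
    for block in clean.get("blocks", []):
        field = HTML_FIELDS.get(block.get("type"))
        if field is None:
            continue
        data = block.setdefault("data", {})
        data[field], stripped = sanitize_html(str(data.get(field, "")))
        removed.extend(stripped)
    return clean, removed


# Constructed sample: one benign paragraph block and one raw block carrying
# an event handler, an iframe pointing at an uploaded asset (placeholder
# path) and a javascript: link.
SAMPLE_DOC = {"blocks": [
    {"type": "paragraph", "data": {"text": "Hi <b>there</b>"}},
    {"type": "raw", "data": {"html": (
        '<p onclick="x()">Hello <b>world</b></p>'
        '<iframe src="/assets/UPLOADED-FILE-ID-PLACEHOLDER">fallback</iframe>'
        '<a href="javascript:alert(1)">link</a><a href="https://example.com">ok</a>')}},
]}

if __name__ == "__main__":
    cleaned, stripped = sanitize_blocks(SAMPLE_DOC)
    print(cleaned["blocks"][1]["data"]["html"])
    print("removed:", stripped)
```

In a write path, the useful policy is usually to reject the request when `removed` is non-empty (and log the offending block and user) rather than store the rewritten version, since a user with legitimate intent rarely submits iframes or event handlers through a content editor.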