Lucene search
China National Vulnerability DatabaseCNVD-2023-00011HistoryDec 26, 2022 - 12:00 a.m.
Ghost information leakage vulnerability
2022-12-2600:00:00
China National Vulnerability Database
www.cnvd.org.cn
16
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Ghost is an open source headless content management system written in JavaScript from the Ghost Foundation in Singapore. ghost has a security vulnerability that could be exploited by remote attackers to submit special requests and obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| ghost ghost | eq | 5.9.4 |
Related
cve
cve
CVE-2022-41697
2022-12-22 10:15:00
cvelist
cvelist
CVE-2022-41697
2022-12-22 00:00:00
osv
osv
BIT-ghost-2022-41697
2024-03-06 10:53:30
CVE-2022-41697
2022-12-22 10:15:10
prion
prion
Design/Logic Flaw
2022-12-22 10:15:00
talos
talos
Ghost user enumeration vulnerablity
2022-12-21 00:00:00
thn
thn
Two New Security Flaws Reported in Ghost CMS Blogging Software
2022-12-22 10:09:00
talosblog
talosblog
5.3 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Related for CNVD-2023-00011