CVE-2023-32235

2023-05-0505:15:09

Google

osv.dev

cve-2023-32235

remote attackers

arbitrary files

active theme

folder

directory traversal

frontend

middleware

static theme

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

7.2 High

AI Score

Confidence

Low

0.888 High

EPSS

Percentile

98.7%

JSON

Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme’s folder via /assets/built%2F…%2F…%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.

CPENameOperatorVersion
ghosteq5.1.0
ghosteq1.25.5
ghosteq5.8.0
ghosteq4.36.2
ghosteq3.18.1
ghosteq@tryghost/[email protected]
ghosteq5.22.3
ghosteq@tryghost/[email protected]
ghosteq@tryghost/[email protected]
ghosteq@tryghost/[email protected]

Name	Operator	Version
ghost	eq	5.1.0
ghost	eq	1.25.5
ghost	eq	5.8.0
ghost	eq	4.36.2
ghost	eq	3.18.1
ghost	eq	@tryghost/[email protected]
ghost	eq	5.22.3
ghost	eq	@tryghost/[email protected]
ghost	eq	@tryghost/[email protected]
ghost	eq	@tryghost/[email protected]