Two New Security Flaws Reported in Ghost CMS Blogging Software

Cybersecurity researchers have detailed two security flaws in the JavaScript-based blogging platform known as Ghost, one of which could be abused to elevate privileges via specially crafted HTTP requests. Ghost is an open source blogging platform that's used in more than 52,600 live websites, mos...

PT-2022-26007 · Ghost Foundation · Ghost

Name of the Vulnerable Software and Affected Versions: Ghost Foundation Ghost versions 4.46.0 through 4.48.7 Ghost Foundation Ghost versions 5.0.0 through 5.22.6 Ghost Foundation Ghost version 5.9.4 Description: An authentication bypass vulnerability exists in the newsletter subscription...