Lucene search
+L

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 12:11 a.m.12 views

CVE-2022-47194

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

9CVSS6AI score0.00823EPSS
Exploits1References1
CVE
CVE
added 2023/01/19 5:2 p.m.83 views

CVE-2022-47194

CVE-2022-47194 affects Ghost Foundation Ghost 5.9.4. A stored XSS flaw exists in the Post Creation workflow and in the user’s twitter field, enabling non-administrator users to inject JavaScript into posts which can escalate to administrator privileges when the affected post is viewed. Exploitati...

9CVSS5.4AI score0.00823EPSS
Exploits1References2Affected Software1
Cvelist
Cvelist
added 2023/01/19 5:2 p.m.39 views

CVE-2022-47194

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

9CVSS5.6AI score0.00823EPSS
Exploits1References1
Talos
Talos
added 2023/01/19 12:0 a.m.59 views

Ghost Foundation Ghost Post Creation insecure default installation vulnerability

Talos Vulnerability Report TALOS-2022-1686 Ghost Foundation Ghost Post Creation insecure default installation vulnerability January 19, 2023 CVE Number CVE-2022-47197,CVE-2022-47195,CVE-2022-47194,CVE-2022-47196 SUMMARY An insecure default vulnerability exists in the Post Creation functionality o...

9CVSS6.1AI score0.01024EPSS
Exploits4
Rows per page
Query Builder