Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/02/06 12:8 a.m.18 views

CVE-2022-47196

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

9CVSS6AI score0.00682EPSS
Exploits1
CVE
CVE
added 2023/01/19 5:2 p.m.60 views

CVE-2022-47196

CVE-2022-47196 affects Ghost Foundation Ghost 5.9.4. A stored XSS vulnerability exists in the post creation feature: non-administrator users can inject arbitrary JavaScript via the post’s codeinjection_head, potentially escalating privileges to administrator when an admin views the post. The issu...

9CVSS5.4AI score0.00682EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2023/01/19 5:2 p.m.8 views

CVE-2022-47196

An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger this...

9CVSS6.1AI score0.00682EPSS
Exploits1References1
Talos
Talos
added 2023/01/19 12:0 a.m.59 views

Ghost Foundation Ghost Post Creation insecure default installation vulnerability

Talos Vulnerability Report TALOS-2022-1686 Ghost Foundation Ghost Post Creation insecure default installation vulnerability January 19, 2023 CVE Number CVE-2022-47197,CVE-2022-47195,CVE-2022-47194,CVE-2022-47196 SUMMARY An insecure default vulnerability exists in the Post Creation functionality o...

9CVSS6.1AI score0.01024EPSS
Exploits4
Rows per page
Query Builder