5 matches found
CVE-2024-23724
Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...
CVE-2024-23724: Ghost CMS Stored XSS Leading to Owner Takeover
The post CVE-2024-23724: Ghost CMS Stored XSS Leading to Owner Takeover appeared first on Rhino Security Labs...
CVE-2024-23724
Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...
CVE-2024-23724
Ghost CMS up to version 5.76.0 is vulnerable to a stored XSS via an SVG profile image containing JavaScript that can interact with the API on localhost:3001, potentially leading to privilege escalation where a contributor can take over any account. The issue is repeatedly described across multipl...
CVE-2024-23724
Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor does not view th...