Cross-site Scripting (XSS)
Overview ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting XSS via the Portal preview links, an attacker could craft a malicious link that, when accessed by an authenticated staff user or member, would execute JavaScript with the victim's...