4 matches found
CVE-2026-24778
Ghost is an open source content management system. In Ghost versions 5.43.0 through 5.12.04 and 6.0.0 through 6.14.0, an attacker was able to craft a malicious link that, when accessed by an authenticated staff user or member, would execute JavaScript with the victim's permissions, potentially...
CVE-2026-24778
Ghost is an open source content management system. In Ghost versions 5.43.0 through 5.12.04 and 6.0.0 through 6.14.0, an attacker was able to craft a malicious link that, when accessed by an authenticated staff user or member, would execute JavaScript with the victim's permissions, potentially...
CVE-2026-24778 Ghost vulnerable to XSS via malicious Portal preview links
Ghost is an open source content management system. In Ghost versions 5.43.0 through 5.12.04 and 6.0.0 through 6.14.0, an attacker was able to craft a malicious link that, when accessed by an authenticated staff user or member, would execute JavaScript with the victim's permissions, potentially...
PT-2026-5028
Name of the Vulnerable Software and Affected Versions Ghost versions 5.43.0 through 5.12.04 Ghost versions 6.0.0 through 6.14.0 Ghost Portal versions 2.29.1 through 2.51.4 Ghost Portal versions 2.52.0 through 2.57.0 Description Ghost is a content management system. An attacker can create a...