7 matches found
Discourse 安全漏洞
Discourse is an open-source community discussion platform developed by Discourse. This platform includes features such as communities, email communication, and chat rooms. Versions of Discourse prior to 2026.3.0-latest.1, 2026.2.1, and 2026.1.2 contain security vulnerabilities. These...
Cross-site Scripting (XSS)
ghost is vulnerable to Cross-site Scripting XSS. The vulnerability is due to a lack excerptText sanitization within excerpt.js, allowing an attacker to craft malicious payloads that will be rendered in post summaries...
GHSA-FH38-9FGR-454W Cross-site Scripting in Ghost
Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries...
CVE-2024-23725
Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries...
CVE-2024-23725
Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries...
Cross site scripting
Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries...
CVE-2024-23725
Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries...