darraghduffy  Dec 23, 2022
BleepingComputer

A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing ones so that they contain malicious JavaScript.

https://www.bleepingcomputer.com/news/security/ghost-cms-vulnerable-to-critical-authentication-bypass-flaw/

Ghost CMS vulnerable to critical authentication bypass flaw

A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing ones so that they contain malicious JavaScript.

BleepingComputer
Dec 23, 2022 at 8:14amWeb