Bitnami package
ghost
pkg:bitnami/ghost
Vulnerabilities (38)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2024-34559 | Hig | 7.5 | < 1.5.0 | 1.5.0 | May 14, 2024 | Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0. | |
| CVE-2024-23724 | — | < 5.82.11 | 5.82.11 | Feb 11, 2024 | Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor | ||
| CVE-2024-23725 | — | < 5.76.0 | 5.76.0 | Jan 21, 2024 | Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries. | ||
| CVE-2023-40028 | — | < 5.59.1 | 5.59.1 | Aug 15, 2023 | Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site ad | ||
| CVE-2023-31133 | — | < 5.46.1 | 5.46.1 | May 8, 2023 | Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fiel | ||
| CVE-2023-32235 | — | < 5.42.1 | 5.42.1 | May 5, 2023 | Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js. | ||
| CVE-2023-26510 | — | >= 5.35.0, < 5.35.1 | 5.35.1 | Mar 5, 2023 | Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that this beha | ||
| CVE-2022-47197 | — | >= 5.9.4, < 5.9.5 | 5.9.5 | Jan 19, 2023 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger | ||
| CVE-2022-47196 | — | >= 5.9.4, < 5.9.5 | 5.9.5 | Jan 19, 2023 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger | ||
| CVE-2022-47195 | — | >= 5.9.4, < 5.9.5 | 5.9.5 | Jan 19, 2023 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger | ||
| CVE-2022-47194 | — | >= 5.9.4, < 5.9.5 | 5.9.5 | Jan 19, 2023 | An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger | ||
| CVE-2022-41697 | — | >= 5.9.4, < 5.9.5 | 5.9.5 | Dec 23, 2022 | A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability. | ||
| CVE-2022-41654 | — | >= 4.46.0, < 4.48.8 | 4.48.8 | Dec 23, 2022 | An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability. | ||
| CVE-2022-28397 | — | >= 4.42.0, < 4.42.1 | 4.42.1 | Apr 12, 2022 | An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this | ||
| CVE-2022-27139 | — | >= 4.39.0, < 4.39.1 | 4.39.1 | Apr 12, 2022 | An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authenticated us | ||
| CVE-2021-39192 | — | >= 4.0.0, < 4.10.0 | 4.10.0 | Sep 3, 2021 | Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escal | ||
| CVE-2021-29484 | — | >= 4.0.0, < 4.3.3 | 4.3.3 | Apr 29, 2021 | Ghost is a Node.js CMS. An unused endpoint added during the development of 4.0.0 has left sites vulnerable to untrusted users gaining access to Ghost Admin. Attackers can gain access by getting logged in users to click a link containing malicious code. Users do not need to enter | ||
| CVE-2020-8134 | — | < 3.10.0 | 3.10.0 | Mar 20, 2020 | Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an attacker to scan local or external network or otherwise interact with internal systems. |
- affected < 1.5.0fixed 1.5.0
Insertion of Sensitive Information into Log File vulnerability in Ghost Foundation Ghost.This issue affects Ghost: from n/a through 1.4.0.
- CVE-2024-23724Feb 11, 2024affected < 5.82.11fixed 5.82.11
Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any account, via an SVG profile picture that contains JavaScript code to interact with the API on localhost TCP port 3001. NOTE: The discoverer reports that "The vendor
- CVE-2024-23725Jan 21, 2024affected < 5.76.0fixed 5.76.0
Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.
- CVE-2023-40028Aug 15, 2023affected < 5.59.1fixed 5.59.1
Ghost is an open source content management system. Versions prior to 5.59.1 are subject to a vulnerability which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Site ad
- CVE-2023-31133May 8, 2023affected < 5.46.1fixed 5.46.1
Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fiel
- CVE-2023-32235May 5, 2023affected < 5.42.1fixed 5.42.1
Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.
- CVE-2023-26510Mar 5, 2023affected >= 5.35.0, < 5.35.1fixed 5.35.1
Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that this beha
- CVE-2022-47197Jan 19, 2023affected >= 5.9.4, < 5.9.5fixed 5.9.5
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger
- CVE-2022-47196Jan 19, 2023affected >= 5.9.4, < 5.9.5fixed 5.9.5
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger
- CVE-2022-47195Jan 19, 2023affected >= 5.9.4, < 5.9.5fixed 5.9.5
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger
- CVE-2022-47194Jan 19, 2023affected >= 5.9.4, < 5.9.5fixed 5.9.5
An insecure default vulnerability exists in the Post Creation functionality of Ghost Foundation Ghost 5.9.4. Default installations of Ghost allow non-administrator users to inject arbitrary Javascript in posts, which allow privilege escalation to administrator via XSS. To trigger
- CVE-2022-41697Dec 23, 2022affected >= 5.9.4, < 5.9.5fixed 5.9.5
A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.
- CVE-2022-41654Dec 23, 2022affected >= 4.46.0, < 4.48.8fixed 4.48.8
An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.
- CVE-2022-28397Apr 12, 2022affected >= 4.42.0, < 4.42.1fixed 4.42.1
An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this
- CVE-2022-27139Apr 12, 2022affected >= 4.39.0, < 4.39.1fixed 4.39.1
An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary code via a crafted SVG file. NOTE: Vendor states that as outlined in Ghost's security documentation, upload of SVGs is only possible by trusted authenticated us
- CVE-2021-39192Sep 3, 2021affected >= 4.0.0, < 4.10.0fixed 4.10.0
Ghost is a Node.js content management system. An error in the implementation of the limits service between versions 4.0.0 and 4.9.4 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escal
- CVE-2021-29484Apr 29, 2021affected >= 4.0.0, < 4.3.3fixed 4.3.3
Ghost is a Node.js CMS. An unused endpoint added during the development of 4.0.0 has left sites vulnerable to untrusted users gaining access to Ghost Admin. Attackers can gain access by getting logged in users to click a link containing malicious code. Users do not need to enter
- CVE-2020-8134Mar 20, 2020affected < 3.10.0fixed 3.10.0
Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an attacker to scan local or external network or otherwise interact with internal systems.
Page 2 of 2