ghost@2.0.0 vulnerabilities

The professional publishing platform

latest version

5.101.2
first published

13 years ago
latest version published

2 days ago
licenses detected
- MIT
  >=0
View ghost package health on Snyk Advisor Open this link in a new tab

Report a new vulnerability Found a mistake?

Direct Vulnerabilities

Known vulnerabilities in the ghost package. This does not include vulnerabilities belonging to this package’s dependencies.

Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.

Fix for free

Vulnerability	Vulnerable Version
H Improper Neutralization of Formula Elements in a CSV File ghost is a publishing platform Affected versions of this package are vulnerable to Improper Neutralization of Formula Elements in a CSV File during a member CSV export. An attacker can execute arbitrary commands by injecting maliciously crafted CSV content. How to fix Improper Neutralization of Formula Elements in a CSV File? Upgrade `ghost` to version 5.82.0 or higher.	<5.82.0
M Cross-site Scripting (XSS) ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via an SVG profile picture upload. A contributor user can cause scripts to be executed as owner. How to fix Cross-site Scripting (XSS)? Upgrade `ghost` to version 5.83.0 or higher.	<5.83.0
M Cross-site Scripting (XSS) ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the `excerpt.js` component. An attacker can inject and execute arbitrary script code in the context of the user's browser session by crafting a malicious post excerpt. How to fix Cross-site Scripting (XSS)? Upgrade `ghost` to version 5.76.0 or higher.	<5.76.0
M Arbitrary File Read ghost is a publishing platform Affected versions of this package are vulnerable to Arbitrary File Read which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Note: Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder. How to fix Arbitrary File Read? Upgrade `ghost` to version 5.59.1 or higher.	<5.59.1
H Directory Traversal ghost is a publishing platform Affected versions of this package are vulnerable to Directory Traversal due to allowing remote attackers to read arbitrary files within the active theme's folder via `/assets/built%2F..%2F..%2F/`. This occurs in `frontend/web/middleware/static-theme.js` file. How to fix Directory Traversal? Upgrade `ghost` to version 5.42.1 or higher.	<5.42.1
H Information Exposure ghost is a publishing platform Affected versions of this package are vulnerable to Information Exposure such that due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack. How to fix Information Exposure? Upgrade `ghost` to version 5.46.1 or higher.	<5.46.1
M Access Restriction Bypass ghost is a publishing platform Affected versions of this package are vulnerable to Access Restriction Bypass that allows contributors to view draft posts of other users via the `/ghost/api/admin/posts` endpoint and draft pages of other users via the `/ghost/api/admin/pages` endpoint. NOTE: The vendor's position is that this behavior has no security impact. How to fix Access Restriction Bypass? There is no fixed version for `ghost`.	>=0.4.2-rc1
M Cross-site Scripting (XSS) ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the `codeinjection_foot` field, which allows users to inject JavaScript into posts. How to fix Cross-site Scripting (XSS)? There is no fixed version for `ghost`.	>=0.0.0
M Cross-site Scripting (XSS) ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the `codeinjection_head` field, which allows users to inject JavaScript into posts. How to fix Cross-site Scripting (XSS)? There is no fixed version for `ghost`.	>=0.0.0
M Cross-site Scripting (XSS) ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the `facebook` field, which allows users to inject JavaScript into posts. How to fix Cross-site Scripting (XSS)? There is no fixed version for `ghost`.	>=0.0.0
M Cross-site Scripting (XSS) ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the `twitter` field, which allows users to inject JavaScript into posts. How to fix Cross-site Scripting (XSS)? There is no fixed version for `ghost`.	>=0.0.0
M Remote Code Execution (RCE) ghost is a publishing platform Affected versions of this package are vulnerable to Remote Code Execution (RCE) via a file that has previously been uploaded using the file upload functionality in the post editor. How to fix Remote Code Execution (RCE)? Upgrade `ghost` to version 4.48.2, 5.2.3 or higher.	<4.48.2 >=5.0.0 <5.2.3
M Command Injection ghost is a publishing platform Affected versions of this package are vulnerable to Command Injection. Sites using the `sendmail` transport as part of their `mail` config are vulnerable to remote command injection due to a vulnerability in the `nodemailer` dependency. Ghost defaults to the `direct` transport so this is only exploitable if the `sendmail` transport is explicitly used. How to fix Command Injection? Upgrade `ghost` to version 4.15.0 or higher.	<4.15.0
M Open Redirect ghost is a publishing platform Affected versions of this package are vulnerable to Open Redirect. It allows redirecting to external sites after providing private site password. How to fix Open Redirect? Upgrade `ghost` to version 3.41.1 or higher.	<3.41.1
M Open Redirect ghost is a publishing platform Affected versions of this package are vulnerable to Open Redirect. It is possible for an attack to redirect a user to an external sit after providing a private site password. How to fix Open Redirect? Upgrade `ghost` to version 2.38.3 or higher.	<2.38.3
L Server-side Request Forgery (SSRF) ghost is a publishing platform Affected versions of this package are vulnerable to Server-side Request Forgery (SSRF). It provides an attacker the ability of Internal port scanning, or reading `oembed` contents from the internal network. How to fix Server-side Request Forgery (SSRF)? Upgrade `ghost` to version 2.38.2 or higher.	<2.38.2
M Cross-Site Request Forgery (CSRF) ghost is a publishing platform Affected versions of this package are vulnerable to Cross-Site Request Forgery (CSRF). Previously, when Ghost could not determine an origin of a request it would return a `null` value as a default, thereby allowing for requests sent from origins other than the domains the user logged in from. How to fix Cross-Site Request Forgery (CSRF)? Upgrade `ghost` to version 3.13.0 or higher.	<3.13.0
M Server Side Request Forgery (SSRF) ghost is a publishing platform Affected versions of this package are vulnerable to Server Side Request Forgery (SSRF). The `getOembedUrlFromHTML()` function does not sanitize user input. How to fix Server Side Request Forgery (SSRF)? Upgrade `ghost` to version 2.38.1, 3.10.0 or higher.	<2.38.1 >=3.0.0 <3.10.0

Go back to all versions of this package

ghost@2.0.0 vulnerabilities

The professional publishing platform

latest version

first published

latest version published

licenses detected

Direct Vulnerabilities