5.105.0
13 years ago
5 hours ago
Known vulnerabilities in the ghost package. This does not include vulnerabilities belonging to this package’s dependencies.
Automatically find and fix vulnerabilities affecting your projects. Snyk scans for vulnerabilities and provides fixes for free.
Fix for freeVulnerability | Vulnerable Version |
---|---|
ghost is a publishing platform Affected versions of this package are vulnerable to Improper Neutralization of Formula Elements in a CSV File during a member CSV export. An attacker can execute arbitrary commands by injecting maliciously crafted CSV content. How to fix Improper Neutralization of Formula Elements in a CSV File? Upgrade | <5.82.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via an SVG profile picture upload. A contributor user can cause scripts to be executed as owner. How to fix Cross-site Scripting (XSS)? Upgrade | <5.83.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) via the How to fix Cross-site Scripting (XSS)? Upgrade | <5.76.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Arbitrary File Read which allows authenticated users to upload files that are symlinks. This can be exploited to perform an arbitrary file read of any file on the host operating system. Note:
Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's How to fix Arbitrary File Read? Upgrade | <5.59.1 |
ghost is a publishing platform Affected versions of this package are vulnerable to Directory Traversal due to allowing remote attackers to read arbitrary files within the active theme's folder via How to fix Directory Traversal? Upgrade | <5.42.1 |
ghost is a publishing platform Affected versions of this package are vulnerable to Information Exposure such that due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack. How to fix Information Exposure? Upgrade | <5.46.1 |
ghost is a publishing platform Affected versions of this package are vulnerable to Access Restriction Bypass that allows contributors to view draft posts of other users via the NOTE: The vendor's position is that this behavior has no security impact. How to fix Access Restriction Bypass? There is no fixed version for | >=0.4.2-rc1 |
ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the How to fix Cross-site Scripting (XSS)? There is no fixed version for | >=0.0.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the How to fix Cross-site Scripting (XSS)? There is no fixed version for | >=0.0.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the How to fix Cross-site Scripting (XSS)? There is no fixed version for | >=0.0.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS) in the How to fix Cross-site Scripting (XSS)? There is no fixed version for | >=0.0.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Remote Code Execution (RCE) via a file that has previously been uploaded using the file upload functionality in the post editor. How to fix Remote Code Execution (RCE)? Upgrade | <4.48.2>=5.0.0 <5.2.3 |
ghost is a publishing platform Affected versions of this package are vulnerable to Access Restriction Bypass. An error in the implementation of the member email change functionality allows unauthenticated users to change the email address of arbitrary member accounts to one they control by crafting a request to the relevant API endpoint, and validating the new address via magic link sent to the new email address. How to fix Access Restriction Bypass? Upgrade | >=4.0.0 <4.15.1>=3.18.0 <3.42.6 |
ghost is a publishing platform Affected versions of this package are vulnerable to Command Injection. Sites using the How to fix Command Injection? Upgrade | <4.15.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Access Restriction Bypass. An error in the implementation of the limits service in 4.0.0 allows all authenticated users (including contributors) to view admin-level API keys via the integrations API endpoint, leading to a privilege escalation vulnerability. How to fix Access Restriction Bypass? Upgrade | >=4.0.0 <4.10.0 |
ghost is a publishing platform Affected versions of this package are vulnerable to Cross-site Scripting (XSS). An unused endpoint added during the development of 4.0.0 has left sites vulnerable to untrusted users gaining access to Ghost Admin. Attackers can gain access by getting logged in users to click a link containing malicious code. Users do not need to enter credentials and may not know they've visited a malicious site. How to fix Cross-site Scripting (XSS)? Upgrade | >=4.0.0 <4.3.3 |