Security Advisory

CVE-2024-43409

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2024-08-20 15:05:04

Last updated 2024-09-03 14:58:35

Assigner GitHub_M

State PUBLISHED

Description

Ghost is a Node.js content management system. Improper authentication on some endpoints used for member actions would allow an attacker to perform member-only actions, and read member information. This security vulnerability is present in Ghost v4.46.0-v5.89.4. v5.89.5 contains a fix for this issue.

← Browse all CVEs View on cve.org ↗