all InfoSec news
Vulnerability Spotlight: Authentication bypass and enumeration vulnerabilities in Ghost CMS
Malware Analysis, News and Indicators - Latest topics malware.news
Dave McDaniel and other members of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered two vulnerabilities in Ghost CMS, one authentication bypass vulnerability and one enumeration vulnerability.
Ghost is a content management system with tools to build a website, publish content and send newsletters. Ghost offers paid subscriptions to members and supports a number of integrations with external services.
Talos has identified an authentication bypass vulnerability that can lead to increased privileges. TALOS-2022-1624 (CVE-2022-41654) allows external users to update …
authentication authentication bypass bypass cms enumeration ghost spotlight vulnerabilities vulnerability vulnerability spotlight