all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Vulnerability Spotlight: Authentication bypass and enumeration vulnerabilities in Ghost CMS

Add to bookmarks
Dec. 21, 2022, 6:25 p.m. | MalBot

Malware Analysis, News and Indicators - Latest topics malware.news

Dave McDaniel and other members of Cisco Talos discovered these vulnerabilities.

Cisco Talos recently discovered two vulnerabilities in Ghost CMS, one authentication bypass vulnerability and one enumeration vulnerability.

Ghost is a content management system with tools to build a website, publish content and send newsletters. Ghost offers paid subscriptions to members and supports a number of integrations with external services.

Talos has identified an authentication bypass vulnerability that can lead to increased privileges.  TALOS-2022-1624 (CVE-2022-41654) allows external users to update …

authentication authentication bypass bypass cms enumeration ghost spotlight vulnerabilities vulnerability vulnerability spotlight

Visit resource

More from malware.news / Malware Analysis, News and Indicators - Latest topics

Behind Closed Doors: The Rise of Hidden Malicious Remote Access 57 minutes ago | malware.news
access analysis article cybereason +14
Eclypsium Supply Chain Security Platform Wins Global InfoSec Award an hour ago | malware.news
award conference critical eclypsium +24
Tracing what went wrong in 2012 for today’s teens, with Dr. Jean Twenge: Lock and … 2 hours ago | malware.news
code jean twenge lock lock and code +9
$563 Bounty Awarded for Reflected Cross-Site Scripting Vulnerability Patched in Yoast SEO WordPress Plugin 2 hours ago | malware.news
april bounty bug bug bounty +15
Ukraine impacted by escalating Russian financially motivated intrusions 2 hours ago | malware.news
article attacks computer computer emergency response team +17
France ready for 'unprecedented' cyber threats in upcoming Olympics 2 hours ago | malware.news
agency anssi article associated press +25
SynLab Italia attack admitted by Black Basta 2 hours ago | malware.news
article attack basta black basta +15
Significant security gaps found in Chinese government sites 2 hours ago | malware.news
article china chinese chinese government +15
Novel Android vulnerability exposes DNS queries 2 hours ago | malware.news
android android devices android vulnerability article +14

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Consultant infrastructure sécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

SOC Analyst

@ Wix | Tel Aviv, Israel
View on infosec-jobs.com

Information Security Operations Officer

@ International Labour Organization | Geneva, CH, 1200
View on infosec-jobs.com

PMO Cybersécurité H/F

@ Hifield | Sèvres, France
View on infosec-jobs.com

Third Party Risk Management - Consultant

@ KPMG India | Bengaluru, Karnataka, India
View on infosec-jobs.com

Consultant Cyber Sécurité H/F - Strasbourg

@ Hifield | Strasbourg, France
View on infosec-jobs.com
View more jobs