CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Ghost: >> Ghost >> 4.47.1 Security Vulnerabilities

CVE-2022-41654

An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.

CVSS Score

9.6

EPSS Score

0.003

Published

2022-12-22

Page 2

Vulnerabilities

Vulnerable Software

Ghost: >> Ghost >> 4.47.1 Security Vulnerabilities

Products

Pricing

Contact Us