This security bulletin contains one low risk vulnerability.
The vulnerability allows a local user to gain access to sensitive information.
The vulnerability exists in the way Ghost stores secret settings. A local user can view contents of application files and obtain secret settings.
Install updates from vendor's website.Vulnerable software versions
Ghost: 3.0.0 - 4.2.1Fixed software versions
Q & A
Can this vulnerability be exploited remotely?
Is there known malware, which exploits this vulnerability?