Multiple vulnerabilities in Ghost Foundation Ghost



Published: 2023-01-20
Risk Medium
Patch available NO
Number of vulnerabilities 4
CVE-ID CVE-2022-47195
CVE-2022-47196
CVE-2022-47197
CVE-2022-47194
CWE-ID CWE-453
Exploitation vector Network
Public exploit N/A
Vulnerable software
Subscribe
Ghost
Web applications / Modules and components for CMS

Vendor Ghost Foundation

Security Bulletin

This security bulletin contains information about 4 vulnerabilities.

1) Insecure Default Variable Initialization

EUVDB-ID: #VU71367

Risk: Medium

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-47195

CWE-ID: CWE-453 - Insecure Default Variable Initialization

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to an insecure default variable initialization in the Post Creation functionality. A remote user can inject arbitrary Javascript in posts, leading to privilege escalation to administrator via stored XSS vulnerability in the twitter field.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

Ghost: 5.9.4

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1686


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

2) Insecure Default Variable Initialization

EUVDB-ID: #VU71368

Risk: Medium

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-47196

CWE-ID: CWE-453 - Insecure Default Variable Initialization

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to an insecure default variable initialization in the codeinjection_head. A remote user can inject arbitrary Javascript in posts, leading to privilege escalation to administrator via stored XSS vulnerability in the twitter field.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

Ghost: 5.9.4

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1686


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

3) Insecure Default Variable Initialization

EUVDB-ID: #VU71369

Risk: Medium

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-47197

CWE-ID: CWE-453 - Insecure Default Variable Initialization

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to an insecure default variable initialization in the codeinjection_foot. A remote user can inject arbitrary Javascript in posts, leading to privilege escalation to administrator via stored XSS vulnerability in the twitter field.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

Ghost: 5.9.4

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1686


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

4) Insecure Default Variable Initialization

EUVDB-ID: #VU71370

Risk: Medium

CVSSv3.1: 8.2 [CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:H/E:U/RL:U/RC:C]

CVE-ID: CVE-2022-47194

CWE-ID: CWE-453 - Insecure Default Variable Initialization

Exploit availability: No

Description

The vulnerability allows a remote attacker to escalate privileges on the system.

The vulnerability exists due to an insecure default variable initialization in the twitter field. A remote user can inject arbitrary Javascript in posts, leading to privilege escalation to administrator via stored XSS vulnerability in the twitter field.

Mitigation

Cybersecurity Help is currently unaware of any official solution to address this vulnerability..

Vulnerable software versions

Ghost: 5.9.4

CPE2.3 External links

http://talosintelligence.com/vulnerability_reports/TALOS-2022-1686


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.



###SIDEBAR###