Security News > 2022 > December > Ghost CMS vulnerable to critical authentication bypass flaw

2022-12-23 08:12
A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing ones so that they contain malicious JavaScript. [...]
News URL
Related news
- Moxa Issues Fix for Critical Authentication Bypass Vulnerability in PT Switches (source)
- GitLab patches critical authentication bypass vulnerabilities (source)
- Critical Next.js Vulnerability Allows Attackers to Bypass Middleware Authorization Checks (source)
- Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) (source)
- Critical flaw in Next.js lets hackers bypass authorization (source)
- Critical Ingress NGINX Controller Vulnerability Allows RCE Without Authentication (source)
- Broadcom warns of authentication bypass in VMware Windows Tools (source)
- Update VMware Tools for Windows Now: High-Severity Flaw Lets Hackers Bypass Authentication (source)
- Critical auth bypass bug in CrushFTP now exploited in attacks (source)
- ASUS warns of critical auth bypass flaw in routers using AiCloud (source)