Source |
The Hacker News |
Identifier |
8293651 |
Publication date |
2022-12-22 15:39:00 (seen: 2022-12-22 11:05:40) |
Title |
Two New Security Flaws Reported in Ghost CMS Blogging Software |
Text |
Cybersecurity researchers have detailed two security flaws in the JavaScript-based blogging platform known as Ghost, one of which could be abused to elevate privileges via specially crafted HTTP requests.
Tracked as CVE-2022-41654 (CVSS score: 8.5), the authentication bypass vulnerability allows unprivileged users (i.e., members) to make unauthorized modifications to newsletter settings. |
Notes |
★★★
|
Sent |
Yes |
Tags |
Vulnerability
|