Skip to main content

Ghost CVE-2023-31133

HIGH
Information Exposure (CWE-200)
2023-05-08 security-advisories@github.com
7.5
CVSS 3.1 · NVD
Share

Severity by source

NVD PRIMARY
7.5 HIGH
AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Primary rating from NVD · only source for this CVE.

CVSS VectorNVD

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

1
CVE Published
May 08, 2023 - 21:15 nvd
HIGH 7.5

DescriptionNVD

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack.

Ghost(Pro) has already been patched. Maintainers can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running Ghost a version below v5.46.1. v5.46.1 contains a fix for this issue. As a workaround, add a block for requests to /ghost/api/content/* where the filter query parameter contains password or email.

AnalysisAI

Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Exposure of Sensitive Information vulnerability could allow attackers to access sensitive data that should not be disclosed.

Technical ContextAI

This vulnerability is classified as Exposure of Sensitive Information (CWE-200), which allows attackers to access sensitive data that should not be disclosed. Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack. Ghost(Pro) has already been patched. Maintainers can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running Ghost a version below v5.46.1. v5.46.1 contains a fix for this issue. As a workaround, add a block for requests to /ghost/api/content/* where the filter query parameter contains password or email. Affected products include: Ghost. Version information: version 5.46.1.

RemediationAI

A vendor patch is available. Apply the latest security update as soon as possible. Minimize information in error messages, implement proper access controls, encrypt sensitive data at rest and in transit.

More in Ghost

View all
CVE-2022-28397 CRITICAL POC
9.8 Apr 12

An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitr

CVE-2022-27139 CRITICAL POC
9.8 Apr 12

An arbitrary file upload vulnerability in the file upload module of Ghost v4.39.0 allows attackers to execute arbitrary

CVE-2024-34451 CRITICAL POC
9.1 Jun 16

Ghost through 5.85.1 allows remote attackers to bypass an authentication rate-limit protection mechanism by using many X

CVE-2024-23724 CRITICAL POC
9.0 Feb 11

Ghost through 5.76.0 allows stored XSS, and resultant privilege escalation in which a contributor can take over any acco

CVE-2024-34448 HIGH POC
8.8 May 22

Ghost before 5.82.0 allows CSV Injection during a member CSV export. Rated high severity (CVSS 8.8), this vulnerability

CVE-2020-8134 HIGH POC
8.1 Mar 20

Server-side request forgery (SSRF) vulnerability in Ghost CMS < 3.10.0 allows an attacker to scan local or external netw

CVE-2023-32235 HIGH POC
7.5 May 05

Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2

CVE-2021-29484 MEDIUM POC
6.8 Apr 29

Ghost is a Node.js CMS. Rated medium severity (CVSS 6.8), this vulnerability is remotely exploitable, no authentication

CVE-2023-40028 MEDIUM POC
6.5 Aug 15

Ghost is an open source content management system. Rated medium severity (CVSS 6.5), this vulnerability is remotely expl

CVE-2025-9862 MEDIUM POC
6.1 Sep 17

Server-Side Request Forgery (SSRF) vulnerability in Ghost allows an attacker to access internal resources.0.0 through 6.

CVE-2026-53943 CRITICAL
9.6 Jun 24

Web cache poisoning in the Ghost Node.js CMS before 6.37.0 lets an unauthenticated attacker inject an x-ghost-preview he

CVE-2022-41697 MEDIUM POC
5.3 Dec 22

A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. Rated medium severit

Share

CVE-2023-31133 vulnerability details – vuln.today

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy