Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
N/A
Vulnerability Description
An authentication bypass vulnerability exists in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to increased privileges. An attacker can send an HTTP request to trigger this vulnerability.
CVSS Information
N/A
Vulnerability Type
访问控制不恰当
Vulnerability Title
Ghost CMS访问控制错误漏洞
Vulnerability Description
Ghost CMS是新加坡Ghost基金会的一套使用JavaScript编写的开源无头内容管理系统(CMS)。 Ghost CMS 5.9.4版本存在访问控制错误漏洞,该漏洞源于时事通讯订阅功能中存在身份验证绕过漏洞,特别制作的HTTP请求可能导致权限增加。
CVSS Information
N/A
Vulnerability Type
N/A