Ghost CMS vulnerable to critical authentication bypass flaw


Ghost CMS logo over a ghostly figure

A critical vulnerability in the Ghost CMS newsletter subscription system could allow external users to create newsletters or modify existing ones so that they contain malicious JavaScript.

Such an action could allow threat actors to perform large-scale phishing attacks from normally harmless sites. Furthermore, the injection of JavaScript has been shown to allow XSS vulnerabilities that could enable threat actors to gain full access to a site.

Ghost is a free and open-source CMS for building websites, publishing content, and sending newsletters, used as a speedier and simpler alternative to WordPress.

According to BuiltWith, Ghost is used by approximately 126k websites, with most of them based in the United States, the United Kingdom, and Germany.

Read more…