CVE-2024-23725 | Ghost up to 5.75.x Post Summary excerpt.js cross site scripting

Posted by Angelo Barbosa | Jan 21, 2024 | CVE

A vulnerability, which was classified as problematic, has been found in Ghost up to 5.75.x. This issue affects some unknown processing of the file excerpt.js of the component Post Summary Handler. The manipulation leads to cross site scripting.

The identification of this vulnerability is CVE-2024-23725. The attack may be initiated remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-23725 | Ghost up to 5.75.x Post Summary excerpt.js cross site scripting

Related Posts

CVE-2023-50933 | IBM PowerSC 1.3/2.0/2.1 cross site scripting (XFDB-275113)

CVE-2024-5654 | CF7 Google Sheets Connector Plugin up to 5.0.9 on WordPress Configuration authorization

CVE-2024-3851 | imartinez privategpt cross site scripting

CVE-2024-4492 | Tenda i21 1.0.0.14(4656) /goform/setStaOffline formOfflineSet GO/ssidIndex stack-based overflow