Количество 3
Количество 3
CVE-2026-22597
Ghost is a Node.js content management system. In versions 5.38.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost’s media inliner mechanism allows staff users in possession of a valid authentication token for the Ghost Admin API to exfiltrate data from internal systems via SSRF. This issue has been patched in versions 5.130.6 and 6.11.0.
CVE-2026-22597
Ghost is a Node.js content management system. In versions 5.38.0 throu ...
GHSA-vmc4-9828-r48r
Ghost has SSRF via External Media Inliner
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2026-22597 Ghost is a Node.js content management system. In versions 5.38.0 through 5.130.5 and 6.0.0 through 6.10.3, a vulnerability in Ghost’s media inliner mechanism allows staff users in possession of a valid authentication token for the Ghost Admin API to exfiltrate data from internal systems via SSRF. This issue has been patched in versions 5.130.6 and 6.11.0. | CVSS3: 2.7 | 0% Низкий | 10 дней назад |
| CVE-2026-22597 Ghost is a Node.js content management system. In versions 5.38.0 throu ... | CVSS3: 2.7 | 0% Низкий | 10 дней назад |
| GHSA-vmc4-9828-r48r Ghost has SSRF via External Media Inliner | 0% Низкий | 12 дней назад |
Уязвимостей на страницу