Количество 3
Количество 3
CVE-2023-26510
Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that this behavior has no security impact.
CVE-2023-26510
Ghost 5.35.0 allows authorization bypass: contributors can view draft ...
GHSA-wx96-h8xj-9x6g
Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that this behavior has no security impact.
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2023-26510 Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that this behavior has no security impact. | CVSS3: 5.7 | 0% Низкий | почти 3 года назад |
| CVE-2023-26510 Ghost 5.35.0 allows authorization bypass: contributors can view draft ... | CVSS3: 5.7 | 0% Низкий | почти 3 года назад |
| GHSA-wx96-h8xj-9x6g Ghost 5.35.0 allows authorization bypass: contributors can view draft posts of other users, which is arguably inconsistent with a security policy in which a contributor's draft can only be read by editors until published by an editor. NOTE: the vendor's position is that this behavior has no security impact. | CVSS3: 5.7 | 0% Низкий | почти 3 года назад |
Уязвимостей на страницу