January 3, 2023 - TuxCare expert team
According to Cisco Talos, two vulnerabilities, CVE-2022-41654 and CVE-2022-41697, exist in the newsletter subscription functionality of Ghost Foundation Ghost 5.9.4.
External users can exploit the vulnerabilities to create new newsletters or modify existing ones, including by injecting malicious JavaScript into them.
The authentication bypass vulnerability, tracked as CVE-2022-41654 (CVSS score: 9.6), and CVE-2022-41697 allow unprivileged users to make unauthorized changes to newsletter settings.
CVE-2022-41654 allows members (unprivileged users) to change newsletter settings on sites where members are enabled by default. Unprivileged users can therefore view and change settings they were never supposed to have access to, although they cannot permanently escalate their privileges or gain access to additional information. The problem was caused by a flaw in nested object API validation.
Another issue stemming from the same flaw is the ability to inject JavaScript into the newsletter, which Ghost allows by default on the assumption that only administrators have access to this powerful function. This was revealed when the Cisco Talos team exploited the flaw to inject an XSS (cross-site scripting) payload into the system, which was triggered when the administrator attempted to edit the default newsletter.
CVE-2022-41697, on the other hand, allows a specially crafted HTTP request to lead to increased privileges. An attacker can exploit this vulnerability simply by sending such a request, and the use of unvalidated input results in an access control vulnerability. The problem is classified as CWE-284 (Improper Access Control): the software does not restrict, or incorrectly restricts, access to a resource by an unauthorized actor. Confidentiality, integrity, and availability are all jeopardized.
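The nested object validation flaw described above, as an added illustration that is not Ghost's own code: a member-facing update handler that validates the outer request but merges nested newsletter objects straight into the stored newsletter, beside a hardened version that accepts only an `id` reference and rejects every other nested field. The request shape, field names and in-memory store are assumptions made for the example.

```javascript
// Constructed in-memory data (hypothetical): one newsletter created by the site
// owner and one member who may subscribe to it.
const newsletters = new Map([
  ['nl-1', { id: 'nl-1', name: 'Weekly digest', sender_name: 'Editor', header_html: '' }],
]);
const members = new Map([
  ['m-1', { id: 'm-1', email: 'reader@example.test', newsletters: [] }],
]);

// Vulnerable pattern: the handler checks only that `newsletters` is an array,
// then writes each nested object through to the stored newsletter. A member who
// submits { id: 'nl-1', header_html: '...' } rewrites the newsletter itself,
// which is the settings change (and injection vector) the advisory describes.
function updateMemberVulnerable(memberId, body) {
  if (!Array.isArray(body.newsletters)) throw new Error('newsletters must be an array');
  const member = members.get(memberId);
  member.newsletters = body.newsletters.map((nl) => {
    const stored = newsletters.get(nl.id);
    if (!stored) throw new Error('unknown newsletter');
    Object.assign(stored, nl); // nested object merged without field-level validation
    return stored.id;
  });
  return member;
}

// Hardened pattern: a member may only reference a newsletter by id. Any other
// key in the nested object is rejected before the data layer is touched, so the
// newsletter row cannot be modified through the member endpoint at all.
const MEMBER_NEWSLETTER_FIELDS = new Set(['id']);

function updateMemberHardened(memberId, body) {
  if (!Array.isArray(body.newsletters)) throw new Error('newsletters must be an array');
  const ids = body.newsletters.map((nl) => {
    const extra = Object.keys(nl).filter((k) => !MEMBER_NEWSLETTER_FIELDS.has(k));
    if (extra.length) throw new Error(`disallowed newsletter fields: ${extra.join(', ')}`);
    if (!newsletters.has(nl.id)) throw new Error('unknown newsletter');
    return nl.id;
  });
  const member = members.get(memberId);
  member.newsletters = ids;
  return member;
}
```

The same allowlist check belongs on every nested object an unprivileged caller can submit, not just on the top-level keys of the request body.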
Ghost has patched the two vulnerabilities in the most recent version of the CMS.
The sources for this piece include an article in BleepingComputer.