Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.
History

No history.

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-01-21T00:00:00

Updated: 2024-08-01T23:13:07.429Z

Reserved: 2024-01-21T00:00:00

Link: CVE-2024-23725

cve-icon Vulnrichment

No data.

cve-icon NVD

Status : Modified

Published: 2024-01-21T04:15:19.177

Modified: 2024-11-21T08:58:15.050

Link: CVE-2024-23725

cve-icon Redhat

No data.