Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: mitre
Published: 2024-01-21T00:00:00
Updated: 2024-08-01T23:13:07.429Z
Reserved: 2024-01-21T00:00:00
Link: CVE-2024-23725
Vulnrichment
No data.
NVD
Status : Modified
Published: 2024-01-21T04:15:19.177
Modified: 2024-11-21T08:58:15.050
Link: CVE-2024-23725
Redhat
No data.