CVE-2024-23725

Published January 21st, 2024

View on NVD ↗

CVSS v3

6.1

MEDIUM

CVSS v2

N/A

Affected

1

PROJECT

Description

Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.

Independent technology for modern publishing, memberships, subscriptions and newsletters.

GitHub

54.2K