CNNVD-202509-2716 Information
Sep 17, 2025
cve
CNNVD ID
CNNVD-202509-2716
Related CVE
- CNNVD Published: 2025-09-17
Description (Chinese)
Ghost是Ghost开源的一个托管服务。 Ghost 6.0.0版本至6.0.8版本和5.99.0版本至5.130.3版本存在安全漏洞,该漏洞源于容易受到服务端请求伪造攻击,可能导致访问内部资源。
Description (English)
Ghost is a hosting service for the Ghost Open Source. There is a security loophole in the ghost versions 6.0.0 to 6.0.8 and 5.99.0 to 5.130.3, which stems from the vulnerability of the service to fraudulent attacks that may lead to access to internal resources.
Hazard Level
High
Vulnerability Type
其他
Affected Vendor
Gibbon
Published
2025-09-17
Last Modified
2026-02-24
References
https://fluidattacks.com/advisories/regida https://github.com/TryGhost/Ghost https://github.com/TryGhost/Ghost/releases/tag/v6.0.9 https://github.com/TryGhost/Ghost/security/advisories/GHSA-f7qg-xj45-w956
Patch
https://github.com/TryGhost/Ghost/releases
Share on: