CVE-2022-41697

A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.
References
Link Resource
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1625 Exploit Third Party Advisory
Configurations

Configuration 1

cpe:2.3:a:ghost:ghost:5.9.4:*:*:*:*:node.js:*:*

Information

Published : 2022-12-22 10:15

Updated : 2022-12-29 06:21


NVD link : CVE-2022-41697

Mitre link : CVE-2022-41697

Products Affected
No products.
CWE
CWE-204

Observable Response Discrepancy