HTTP: Ghost vulnerable to information disclosure
This signature detects attempts to exploit a known vulnerability against Ghost. A successful attack can lead to sensitive information disclosure.
Extended Description
Ghost is an app for new-media creators with tools to build a website, publish content, send newsletters, and offer paid subscriptions to members. Prior to version 5.46.1, due to a lack of validation when filtering on the public API endpoints, it is possible to reveal private fields via a brute force attack. Ghost(Pro) has already been patched. Maintainers can find no evidence that the issue was exploited on Ghost(Pro) prior to the patch being added. Self-hosters are impacted if running Ghost a version below v5.46.1. v5.46.1 contains a fix for this issue. As a workaround, add a block for requests to `/ghost/api/content/*` where the `filter` query parameter contains `password` or `email`.
Affected Products
Ghost ghost
References
CVE: CVE-2023-31133
URL: https://github.com/TryGhost/Ghost/security/advisories/GHSA-r97q-ghch-82j9
Short Name
HTTP:INFO-LEAK:GHOST-INFO-DISCL
Severity
Major
Recommended
False
Recommended Action
Drop
Category
HTTP
Keywords
CVE-2023-31133 Ghost disclosure information to vulnerable
Release Date
07/07/2023
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3630
False Positive
Unknown
Vendors
Ghost