CVE-2022-41697
Published 2022-12-22
Priority: P347 · medium 5.3 (CVSS 3.1)
Vector: AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Exploit / EPSS: 20.20% (97.1th percentile)
A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.
Affected (2 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| ghost | ghost | — | — |
| ghost_foundation | ghost | — | — |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | v3.1 | 5.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
| nvd | v3.0 | 5.3 | MEDIUM | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N |
No detection rules found.
Nuclei
CVE-2022-41697 [MEDIUM] Ghost CMS - User Enumeration (nuclei · CVSS 5.3)
Ghost CMS 5.9.4 contains a user enumeration vulnerability in the login functionality. The application reveals whether a user account exists through different error messages, allowing attackers to enumerate valid user accounts via specially-crafted HTTP requests.
Template:
```yaml
id: CVE-2022-41697

info:
  name: Ghost CMS - User Enumeration
  author: ritikchaddha
  severity: medium
  description: |
    Ghost CMS 5.9.4 contains a user enumeration vulnerability in the login functionality. The application reveals whether a user account exists through different error messages, allowing attackers to enumerate valid user accounts via specially-crafted HTTP requests.
  impact: |
    Attackers can identify valid usernames/email addresses, facilitating targeted attacks such as phishing, cred
```
Checkpoint
26th December – Threat Intelligence Report (blogs_checkpoint · 2022-12-26)
## 26th December – Threat Intelligence Report
For the latest discoveries in cyber research for the week of 26th December, please download our Threat Intelligence Bulletin.
TOP ATTACKS AND BREACHES
LastPass revealed that it has been breached for the second time this year, an event that resulted in attackers stealing customer encrypted password vaults and additional account information. The breach was achieved after attackers used information stolen from the LastPass development environment in the August incident to
Talos
[MEDIUM] Vulnerability Spotlight: Authentication bypass and enumeration vulnerabilities in Ghost CMS (blogs_talos · 2022-12-21 · CVSS 4.3)
## Vulnerability Spotlight: Authentication bypass and enumeration vulnerabilities in Ghost CMS
Dave McDaniel and other members of Cisco Talos discovered these vulnerabilities.
Cisco Talos recently discovered two vulnerabilities in Ghost CMS, one authentication bypass vulnerability and one enumeration vulnerability.
Ghost is a content management system with tools to build a website, publish content and send newsletters. Ghost offers paid subscriptions to members and supports a number of integrations with external services.
Talos has identified an authentication bypass vulnerability that can lead to increased privileges. TALOS-2022-1624 (CVE-2022-41654) allows external users to update their newsletter preferences too liberally, which could allow a user full access to create and modify newsletters, including the default sent to all members.
TALOS-2022-1625 (CVE-2022-41697) is an en
Published: 2022-12-22