COOEY // HUBcompliance · community · intelligence

FAIL › dossier

ghost vendor

1
failure events
0
zero-days
1
RCEs
0
on KEV
1
critical
50
worst shame

Dossier not yet built — the RAG curator builds one for players with ≥2 failure events (factory/dossier.py). The failure history and sentiment below are live.

Failure history 2 events

DateEventSevFlagsShameSummary
2022-04-12 CVE-2022-28397 critical ⚡RCE 50 An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this
2022-04-12 CVE-2022-28397 critical ⚡RCE 50 An arbitrary file upload vulnerability in the file upload module of Ghost CMS v4.42.0 allows attackers to execute arbitrary code via a crafted file. NOTE: Vendor states as detailed in Ghost's security documentation, files can only be uploaded and published by trusted users, this