Vulnerability CVE-2022-41697


Published: 2022-12-22

Description:
A user enumeration vulnerability exists in the login functionality of Ghost Foundation Ghost 5.9.4. A specially-crafted HTTP request can lead to a disclosure of sensitive information. An attacker can send a series of HTTP requests to trigger this vulnerability.

Type:

CWE-204

(Response Discrepancy Information Exposure)

 References:
https://talosintelligence.com/vulnerability_reports/TALOS-2022-1625

Copyright 2026, cxsecurity.com

 

Back to Top