CVE-2023-40028

Description

### Impact A vulnerability in Ghost allows authenticated users to upload files which are symlinks. This can be exploited to perform an arbitrary file read of any file on the operating system. Site administrators can check for exploitation of this issue by looking for unknown symlinks within Ghost's `content/` folder ### Vulnerable versions This security vulnerability is present in Ghost ≤ v5.59.0. ### Patches v5.59.1 contains a fix for this issue. ### For more information If you have any questions or comments about this advisory: * Email us at [[email protected]](mailto:[email protected])

How to fix CVE-2023-40028

To remediate CVE-2023-40028, upgrade the affected package to a fixed version below.

• —upgrade to 5.59.1 or later
• —upgrade to 5.59.1 or later

Is CVE-2023-40028 being exploited?

Likely — EPSS is 77.6%, placing CVE-2023-40028 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.

Affected packages (2)

• from 0, < 5.59.1
• from 0, < 5.59.1

CVSS scores

References (4)

• ADVISORYnvd.nist.gov/vuln/detail/CVE-2023-40028
• PATCHgithub.com/TryGhost/Ghost
• WEBgithub.com/TryGhost/Ghost/commit/690fbf3f7302ff3f77159c0795928bdd20f41205
• WEBgithub.com/TryGhost/Ghost/security/advisories/GHSA-9c9v-w225-v5rg