CVE-2023-32235 — Path Traversal in Ghost

Description

Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.

How to fix CVE-2023-32235

To remediate CVE-2023-32235, upgrade the affected package to a fixed version below.

Bitnami/ghost—upgrade to 5.42.1 or later
—upgrade to 5.42.1 or later

Is CVE-2023-32235 being exploited?

Likely — EPSS is 94.1%, placing CVE-2023-32235 in the top tier of vulnerabilities by exploitation probability. Prioritise patching.

Affected packages (2)

from 0, < 5.42.1
from 0, < 5.42.1

CVSS scores

Source	Version	Severity	Vector
osv	CVSS 3.1	HIGH7.5	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

References (4)

ADVISORYnvd.nist.gov/vuln/detail/CVE-2023-32235
PATCHgithub.com/TryGhost/Ghost
WEBgithub.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f
WEBgithub.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1