Description
The Ghost CMS is vulnerable to a path traversal vulnerability. An unauthenticated attacker can read arbitrary files within the active theme's folder.
Remediation
Upgrade to the latest version of Ghost CMS
References
Related Vulnerabilities
OpenSSL Other Vulnerability (CVE-2016-0705)
Oracle JRE CVE-2013-1563 Vulnerability (CVE-2013-1563)
WordPress Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2012-5868)
Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2019-14892)
Oracle Database Server CVE-2014-6455 Vulnerability (CVE-2014-6455)