Vulnerability Database

Published: Jan 21, 2024
Updated: May 4, 2025
CVE: <a href="https://nvd.nist.gov/vuln/detail/CVE-2024-23725" target="_blank" rel="noopener"> CVE-2024-23725
GHSA: <a href="https://github.com/advisories/GHSA-fh38-9fgr-454w" target="_blank" rel="noopener"> GHSA-fh38-9fgr-454w
Severity: Medium
Exploit:

296,676

Total vulnerabilities in the database

Ghost before 5.76.0 allows XSS via a post excerpt in excerpt.js. An XSS payload can be rendered in post summaries.

CVSS v3:

CWEs:

OWASP TOP 10:

Software	From	Fixed in
ghost	-	5.76.0
ghost / ghost	-	5.76.0

SynScan provides clear, real-time security insights so you can monitor your attack surface, spot risks early, and act fast—without extra complexity.