CVE-2026-29784 | THREATINT

Description

Ghost is a Node.js content management system. From version 5.101.6 to 6.19.2, incomplete CSRF protections around /session/verify made it possible to use OTCs in login sessions different from the requesting session. In some scenarios this might have made it easier for phishers to take over a Ghost site. This issue has been patched in version 6.19.3.

PUBLISHED Reserved 2026-03-04 | Published 2026-03-07 | Updated 2026-03-07 | Assigner GitHub_M

HIGH: 7.5CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H

Problem types

CWE-352: Cross-Site Request Forgery (CSRF)

Product status

>= 5.101.6, < 6.19.3

affected

References

github.com/.../Ghost/security/advisories/GHSA-9m84-wc28-w895

github.com/...ommit/ec065a774fa125953d2aa644a59cd8990329e0a0

cve.org (CVE-2026-29784)

nvd.nist.gov (CVE-2026-29784)

Download JSON