CVE-2022-28397
Ghost CMS Arbitrary File Upload Vulnerability
Halo Surface Signal: 4 out of 5 — likely to be public-facing.
An arbitrary file upload vulnerability in Ghost CMS could allow attackers to execute arbitrary code. The vendor states this feature is intentionally restricted to trusted users, but if reachable, it could impact system integrity. Confirming relevance and system exposure is crucial for assessing risk.