Improper Access Control
Discription
ghost is vulnerable to improper access control. An unprivileged member has the ability to view and change unintended newsletter settings due to improper validation for nested objects in `Memebers` API.Read More
References
Back to Main