mkj
@mkj@social.mkj.earth · last week

If you are running *any* version of Ghost between 3.24.0 and 6.19.0:

Stop what you are doing and upgrade to 6.19.1.

Like right now.

>> This is not a drill! <<

"A SQL injection vulnerability existed in Ghost's Content API that allowed unauthenticated attackers to read arbitrary data from the database. This vulnerability is present in Ghost v3.24.0 to v6.19.0. v6.19.1 contains a fix for this issue. There is no application-level workaround."

https://github.com/TryGhost/Ghost/security/advisories/GHSA-w52v-v783-gw97

#Ghost

GitHub: SQL injection in Content API