Package impact
npm / @tryghost/portal
| CVE | Severity | CVSS | Risk | Flags | OS | Vendor | Published | Description |
|---|---|---|---|---|---|---|---|---|
| CVE-2026-24778 | unknown | — | — | 4mo ago | Ghost vulnerable to XSS via malicious Portal preview links | |||
| CVE-2024-43409 | unknown | — | — | 2y ago | Ghost's improper authentication allows access to member information and actions |