Vulnerability Detail
Enriched intelligence for a single CVE
High
CVE-2023-32235
PUBLISHEDGhost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory...
Not yet in CISA KEV
- Vendor
- Ghost
- Product
- Ghost
- Published
- May 05, 2023
- EPSS
- —
Automate This Intelligence with the Pro API
Everything on this page — CVSS, EPSS, exploit status, PoCs, scanner integrations, mentions, tags, and immediate honeypot data — is available programmatically for VM, SOC, and CTI workflows.
Description
Ghost before 5.42.1 allows remote attackers to read arbitrary files within the active theme's folder via /assets/built%2F..%2F..%2F/ directory traversal. This occurs in frontend/web/middleware/static-theme.js.
Weaknesses (CWE)
-
Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS Scores
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitation Status
Exploited in the wild
Recorded 2026-06-04 00:00:00 UTC · The Shadowserver (via CIRCL)
Proof of concept available
Recorded 2023-07-09 20:01:11 UTC · GitHub
Known Exploited Vulnerability Sources
Catalogues that list this CVE as a known exploited vulnerability.
| Source | Added |
|---|---|
| The Shadowserver (via CIRCL) First | 2025-07-14 00:00 UTC |
Scanner Integrations
| Scanner | Reference | Detected |
|---|---|---|
| Nuclei | https://github.com/projectdiscovery/nuclei-templates/blob/main/http/cves/2023/CVE-2023-32235.yaml | Apr 25, 2025 |
Potential Proof of Concepts
These PoCs are unverified and could contain malware. Use at your own risk.
github · Created 2023-07-09 20:01:11 UTC · 4 stars
A Directory Traversal attack (also known as path traversal) aims to access files and directories that are stored outside the intended folder.
nuclei · Created Unknown
Timeline
-
Added to KEVIntel
-
Detected by Nuclei
-
Proof of Concept Exploit Available
-
CVE Published to Public
-
CVE ID Reserved