System	Score	Found at
epss	0.94094	https://api.first.org/data/v1/epss?cve=CVE-2023-32235
cvssv3.1_qr	HIGH	https://github.com/advisories/GHSA-wf7x-fh6w-34r6
cvssv3.1	7.5	https://github.com/TryGhost/Ghost
generic_textual	HIGH	https://github.com/TryGhost/Ghost
cvssv3.1	7.5	https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f
generic_textual	HIGH	https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f
ssvc	Track	https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f
cvssv3.1	7.5	https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1
generic_textual	HIGH	https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1
ssvc	Track	https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1
cvssv3.1	7.5	https://nvd.nist.gov/vuln/detail/CVE-2023-32235
generic_textual	HIGH	https://nvd.nist.gov/vuln/detail/CVE-2023-32235

Reference id	Reference type	URL
		https://api.first.org/data/v1/epss?cve=CVE-2023-32235
		https://nvd.nist.gov/vuln/detail/CVE-2023-32235
378dd913aa8d0fd0da29b0ffced8884579598b0f		https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f
CVE-2023-32235	Exploit	https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/webapps/52408.py
GHSA-wf7x-fh6w-34r6		https://github.com/advisories/GHSA-wf7x-fh6w-34r6
v5.42.0...v5.42.1		https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1

Data source	Exploit-DB
Date added	Aug. 11, 2025
Description	Ghost CMS 5.42.1 - Path Traversal
Ransomware campaign use	Unknown
Source publication date	Aug. 11, 2025
Exploit type	webapps
Platform	multiple
Source update date	Aug. 11, 2025

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/TryGhost/Ghost

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

---

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/ Found at https://github.com/TryGhost/Ghost/commit/378dd913aa8d0fd0da29b0ffced8884579598b0f

---

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

---

Vector: SSVCv2/E:N/A:Y/T:P/P:M/B:A/M:M/D:T/2025-01-29T16:27:01Z/ Found at https://github.com/TryGhost/Ghost/compare/v5.42.0...v5.42.1

---

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2023-32235

Attack Vector (AV)	Attack Complexity (AC)	Privileges Required (PR)	User Interaction (UI)	Scope (S)	Confidentiality Impact (C)	Integrity Impact (I)	Availability Impact (A)
network adjacent_network local physical	low high	none low high	none required	unchanged changed	high low none	high low none	high low none

Percentile	0.99911
EPSS Score	0.94094
Published At	June 11, 2026, 12:55 p.m.

Date	Actor	Action	Source	VulnerableCode Version
2026-06-11T17:26:39.287444+00:00	Vulnrichment	Import	https://github.com/cisagov/vulnrichment/blob/develop/2023/32xxx/CVE-2023-32235.json	38.6.0