Awesome explanation of the entire vulnerability/CVE process. Thank you for taking the time to explain the entire process you went through.
@CyberAbyss007 9 months ago
Excellent content! I love that you cover both sides of the CVE, red and blue!!! Thank you! Did you find this CVE as part of a bug bounty program or other process? I've written some code in a framework I had built that sends reports when users enter anything that looks malicious in addition to removing the offending code or blocking the post or update. 🙂
@TylerRamsbey 9 months ago
As a pentester, I have time occasionally when I am not working directly with a client and I usually use that time for researching open-source projects to help make them more secure :)
@Iampopg 8 months ago
Very inspiring Tyler. You did a great job. ❤
@ВиталийОвчаренко-и1н 8 months ago
CVE-2024-23724 in Ghost CMS allowed for Stored XSS in profile pictures, potentially leading to an adversary taking over the Owner account. Although the vendor did not issue an official patch, a Pull Request was made for users to secure against this CVE themselves. This vulnerability highlighted the importance of code reviews and proactive patching processes to address security issues in widely used platforms like Ghost CMS.
@bret354 3 months ago
Hey Tyler, one request is to make things on your screen bigger; not everyone has great eyesight.
@hb3643 9 months ago
Thank you for your efforts! Great work. Good karma!
@fraserf-j986 9 months ago
This is brilliant!
@anonsforever_ 7 months ago
This the type of guy to catch my hacker who hacks my dating apps; just so he can get another CVE.
@dylanireland8887 9 months ago
Deserves more views
@Marco_Ris 3 months ago
Oh no he just spelled JIF 🙈. But it's still informative and interesting. Thank you
@GilligansTravels 9 months ago
awesome
@evelynngaming3961 8 months ago
Is this still doable? (I want to choose this security leak for a school project, I'm in my second year in software development) For a presentation I would need to show the exploit.
@TylerRamsbey 8 months ago
It should be!
@evelynngaming3961 8 months ago
@TylerRamsbey I wonder why you put "localhost" as the argument for target? I've tried my base domain for the site and the localhost, but both return me an error where the PC denied access. Would this be an issue with my personal firewalls or VPN?