Here's the writeup for CVE-2026-53943, a cache poisoning -> XSS vuln I found in Ghost CMS 👻
cryptocat.me/blog/researc...
Root cause analysis of CVE-2026-53943 in Ghost CMS, an unauthenticated cache-poisoning XSS where one anonymous request poisons any caching layer in front of Ghost with attacker-controlled JavaScript t...
