Skip to main content
CVE Vulnerability Database
Vulnerability Database/CVE-2026-53948

CVE-2026-53948: Ghost CMS Stored XSS Vulnerability

CVE-2026-53948 is a stored XSS vulnerability in Ghost CMS caused by insufficient Content-Type validation on file uploads. Attackers could exploit this to execute malicious scripts. This article covers technical details, affected versions, impact, and mitigation strategies.

Published:

CVE-2026-53948 Overview

CVE-2026-53948 affects Ghost, a Node.js content management system. Ghost versions from 6.19.4 until 6.21.1 fail to properly validate the client-supplied Content-Type header on the Admin API file upload endpoint. Attackers with author-level access can upload files that are served with an attacker-chosen content type when using S3 or Google Cloud Storage (GCS) backends. On installations that serve uploaded files from the same origin as the site, this behavior enables stored cross-site scripting (XSS) [CWE-434] against visitors and staff. Ghost 6.21.1 fixes the issue.

Critical Impact

Authenticated attackers can upload files with arbitrary content types on S3/GCS-backed Ghost deployments, enabling stored XSS against site visitors and administrative staff when files share the site's origin.

Affected Products

  • Ghost CMS versions 6.19.4 through 6.21.0
  • Ghost installations using Amazon S3 storage backend
  • Ghost installations using Google Cloud Storage (GCS) backend

Discovery Timeline

  • 2026-06-24 - CVE-2026-53948 published to NVD
  • 2026-06-25 - Last updated in NVD database

Technical Details for CVE-2026-53948

Vulnerability Analysis

The vulnerability stems from insufficient validation of the client-supplied Content-Type header on Ghost's Admin API file upload endpoint. When a file is uploaded to an S3 or GCS storage backend, Ghost passes the user-controlled MIME type through to the storage layer. The storage service then serves the file with that content type on subsequent requests.

This behavior breaks the assumption that uploaded files will be served as static assets with safe, server-derived MIME types. An authenticated attacker can upload a file containing HTML or JavaScript while declaring the content type as text/html or application/javascript. When a visitor or administrator retrieves the file URL, the browser renders or executes the payload.

The impact depends on deployment configuration. Sites that serve uploaded media from the same origin as the main Ghost application are vulnerable to stored XSS. Cookies, session tokens, and Admin API actions become reachable from the injected script context.

Root Cause

The root cause is unrestricted file upload with dangerous type [CWE-434]. Ghost trusted the Content-Type header sent by the client rather than deriving the MIME type from file inspection or restricting it to a server-side allowlist. The S3 and GCS adapters persisted this header as object metadata, causing the storage service to return the attacker-controlled value in subsequent responses.

Attack Vector

Exploitation requires Admin API credentials with file upload permissions and user interaction to visit the malicious file URL. The attacker uploads a crafted file via the Admin API while specifying a script-capable MIME type. The resulting URL, hosted on the site's origin, executes the script payload in any browser that loads it. See the GitHub Security Advisory GHSA-944x-pm95-3jpr for full technical details.

Detection Methods for CVE-2026-53948

Indicators of Compromise

  • Files in S3 or GCS buckets with Content-Type metadata set to text/html, application/xhtml+xml, image/svg+xml, or application/javascript despite non-matching file extensions.
  • Admin API upload requests where the declared Content-Type does not match the file binary signature.
  • Unexpected outbound requests from visitor browsers to attacker-controlled domains after viewing site media.

Detection Strategies

  • Audit S3 and GCS bucket inventory for objects whose stored Content-Type metadata differs from their actual file format.
  • Review Admin API access logs for file upload activity from unfamiliar author or staff accounts during the vulnerable version window.
  • Inspect HTTP response headers from /content/images/ and other upload paths for executable MIME types being served from the site origin.

Monitoring Recommendations

  • Enable CloudTrail or GCS audit logging on the Ghost storage bucket to capture object PUT operations with metadata details.
  • Alert on any uploaded object whose Content-Type is scriptable when served from the same origin as the Ghost site.
  • Monitor staff account creation and role changes in Ghost to detect attacker provisioning of upload-capable accounts.

How to Mitigate CVE-2026-53948

Immediate Actions Required

  • Upgrade Ghost to version 6.21.1 or later without delay.
  • Audit all files uploaded to S3 or GCS backends since upgrading to 6.19.4 and remove or remediate objects with suspicious content types.
  • Rotate Admin API keys and review staff accounts for unauthorized additions or privilege changes.

Patch Information

The vulnerability is fixed in Ghost 6.21.1. The patch enforces server-side validation of upload content types rather than trusting client-supplied values. Refer to the Ghost security advisory GHSA-944x-pm95-3jpr for release notes and remediation guidance.

Workarounds

  • Serve uploaded files from a separate origin or sandboxed domain to neutralize stored XSS impact even when arbitrary MIME types are accepted.
  • Configure a Content Security Policy (CSP) that restricts script execution to trusted origins, limiting payload execution within the Ghost interface.
  • Restrict Admin API access and limit staff role assignment until the upgrade is completed.
bash
# Upgrade Ghost to the patched release
ghost update --version 6.21.1
ghost doctor

Disclaimer: This content was generated using AI. While we strive for accuracy, please verify critical information with official sources.

Default Legacy - Prefooter | Experience the World’s Most Advanced Cybersecurity Platform

Experience the Most Advanced Cybersecurity Platform

See how the world’s most intelligent, autonomous cybersecurity platform can protect your organization today and into the future.