Remote Code Execution in Ghost CMS

Kodem Security Research Team
March 3, 2026

A Remote Code Execution (RCE) vulnerability, GHSA-cgc2-rcrh-qr5x, has been disclosed in Ghost CMS, a popular Node.js-based content management system powering over 100,000 active websites.

Discovered by Endor Labs and published in the official Ghost security advisory, this flaw allows attackers to execute arbitrary JavaScript on vulnerable Ghost instances through malicious theme handling that abuses JSONPath evaluation within Handlebars helpers. For internet-facing deployments that allow custom theme installation or render untrusted content, successful exploitation may result in full server compromise.

Ghost CMS History & Exposure Context

Ghost is widely deployed across:

  • Personal blogs.
  • SaaS documentation portals.
  • Developer blogs.
  • Marketing sites.
  • Membership-based content platforms.

Many deployments are self-hosted and internet-facing, often with custom themes and dynamic rendering enabled. 

Ghost has experienced several high-impact vulnerabilities in recent years, including:

  • Stored Cross-Site Scripting (XSS) through malicious SVG uploads, prior to v5.76.0.
  • Theme directory path traversal allowing arbitrary file access, prior to v5.42.1.
  • Authenticated arbitrary file read vulnerabilities, prior to v5.59.1.
  • Administrative and API authorization bypass issues.

While these issues differ in severity and root cause, they share a common theme: extensibility features such as theme handling and dynamic content processing expand the application’s attack surface. GHSA-cgc2-rcrh-qr5x fits within this broader pattern. When template rendering logic intersects with unsafe dependency behavior, exploitability shifts from theoretical to practical.

Impact

Successful exploitation of GHSA-cgc2-rcrh-qr5x enables an attacker to:

  • Execute arbitrary code in the Ghost server process.
  • Compromise server-side data, services or credentials.
  • Deploy backdoors or lateral movement tooling.
  • Exfiltrate content or pivot to connected services.

Technical Details

The RCE arises from how Ghost processes JSONPath expressions during theme rendering:

  • Ghost relies on the jsonpath package to interpret JSONPath queries embedded in theme helpers.
  • That package, or a transitive dependency such as static-eval, evaluates expressions in a manner that is unsafe when processing attacker-controlled input.
  • Handlebars template helpers, notably the get helper, invoke jsonpath.query() during page rendering.
  • When a malicious theme supplies crafted JSONPath expressions, the evaluation bypasses intended input restrictions, leading to arbitrary code execution on the server.

Since this evaluation occurs during standard page generation, rendering a malicious theme is sufficient to trigger execution without additional administrative interaction.

Mitigation

Immediate Actions

  1. Upgrade the ghost npm package to version 6.19.1 or later to remove vulnerable JSONPath evaluation logic and eliminate the unsafe dependency chain.
  2. Audit installed themes and remove any untrusted or unused themes.
  3. Restrict theme uploading to trusted administrators only.
  4. Monitor server logs for unusual template parsing or JSONPath expression activity.

Why This Matters

In GHSA-cgc2-rcrh-qr5x, the vulnerable code path becomes exploitable when a theme helper invokes JSONPath during normal page rendering, a legitimate and routine application behavior. The presence of the jsonpath or static-eval dependency alone doesn’t determine risk. What matters is whether that execution path is reachable and executed in production. More specifically, risk materializes when attacker-controlled input reaches the vulnerable evaluation logic through legitimate application flows.

Traditional SCA tools find vulnerable dependencies but often fail to show whether the vulnerable function is actually reachable at runtime. This gap between a dependency's presence and its execution reachability is the runtime visibility gap. Inventory shows what is installed; exploitability depends on the vulnerable path being reachable and executed in production.

Runtime Visibility Gap: How Kodem Protects Customers

Kodem’s approach combines:

  • Code-level analysis.
  • Data-flow mapping.
  • Runtime execution visibility.
  • Function-level reachability validation (execution).

This enables teams to shift vulnerability management from theoretical exposure to verified runtime risk by:

  • Confirming whether vulnerable code paths are actually invoked.
  • Prioritizing risks based on execution behavior.
  • Reducing false positives from unreachable dependencies.
  • Identifying malicious execution paths in production environments.

Kodem moves teams past dependency presence to focus on confirmed runtime risk. We can validate whether the vulnerable JSONPath evaluation is reachable and executed during theme rendering, whether attacker input reaches the evaluation sink, and whether the flow is externally exploitable.

This is particularly important in containerized deployments, where dependencies may be inherited transitively through base images and layered builds rather than explicitly declared in the application’s dependency manifest. 

References

  1. CVE Details. Ghost: Product details, threats and statistics. https://www.cvedetails.com/product/59619/Ghost-Ghost.html?vendor_id=20613
  2. Endor Labs. (March 2, 2026). Remote Code Execution (RCE) in Ghost CMS: A Transitive Dependency Wreaks Havoc. https://www.endorlabs.com/learn/rce-in-ghost-cms-ghsa-cgc2-rcrh-qr5x
  3. Enricher. (March 30, 2025). Ghost CMS Statistics 2025: Market Trends and Insights. https://enricher.io/blog/ghost-cms-statistics
  4. SentinelOne. (January 30, 2026). CVE-2026-24778: Ghost CMS XSS Vulnerability. https://www.sentinelone.com/vulnerability-database/cve-2026-24778/
  5. SentinelOne. (February 27, 2026). CVE-2026-26980: Ghost CMS Information Disclosure Flaw. https://www.sentinelone.com/vulnerability-database/cve-2026-26980/
  6. TryGhost. GHSA-cgc2-rcrh-qr5x: Remote Code Execution via Malicious Themes. https://github.com/TryGhost/Ghost/security/advisories/GHSA-cgc2-rcrh-qr5x
  7. TryGhost GitHub Security Advisories. https://github.com/TryGhost/Ghost/security/advisories/