Ghost · Ghost · CVE-2024-23724
**Name of the Vulnerable Software and Affected Versions**
Ghost versions prior to 5.76.0
**Description**
The issue stems from insufficient sanitization of uploaded SVG content. A remote attacker holding a contributor account can upload a specially crafted SVG file as a profile picture; the JavaScript embedded in that SVG executes in the browser of any user who views it, giving stored cross-site scripting (XSS). The injected script can then interact with the Ghost API on localhost TCP port 3001 in the context of the viewing user, so a contributor can escalate privileges and take over any account.
**Recommendations**
For Ghost versions prior to 5.76.0, consider disabling the ability to upload SVG files as profile pictures until the instance can be upgraded to 5.76.0 or later. Restrict access to the API on localhost TCP port 3001 to minimize the risk of exploitation. Avoid using the profile picture feature in the affected Ghost versions until the issue is resolved.
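Where disabling SVG uploads outright is not an option, the usual stopgap is an upload-time gate that refuses any SVG carrying active content (script elements, event-handler attributes, script URIs, entity tricks). The following is an added example, not Ghost's own code: it assumes the upload body is available as a UTF-8 string before it is stored, and it is a deny gate rather than a sanitizer, so anything that looks executable causes the whole file to be rejected.

```javascript
// Added example (not Ghost's code): reject SVG profile pictures that carry active
// content. Deny gate, not sanitizer: a doubtful file is refused whole, and users who
// need the image can fall back to a rasterized PNG/JPEG.
// Assumption: the upload body is a UTF-8 string available before storage.

const DENY_PATTERNS = [
  [/<\s*script\b/i, 'script element'],
  [/<\s*foreignObject\b/i, 'foreignObject (embeds arbitrary HTML)'],
  [/<\s*(?:iframe|object|embed|link|meta)\b/i, 'non-SVG loading element'],
  [/<\s*(?:set|animate)\b/i, 'SMIL animation (can rewrite attributes)'],
  [/\son[a-z]+\s*=/i, 'event handler attribute'],
  // data: URIs are refused too; a profile icon has no need to embed sub-documents.
  [/(?:href|src)\s*=\s*["']?\s*(?:javascript|data|vbscript):/i, 'script or data URI'],
  [/<!ENTITY\b/i, 'DTD entity declaration'],
];

// Decode numeric and the common named character references so an obfuscated
// value such as "&#106;avascript:" is inspected as "javascript:".
function decodeEntities(text) {
  const cp = (n) => (n <= 0x10ffff ? String.fromCodePoint(n) : '\uFFFD');
  return text
    .replace(/&#x([0-9a-f]+);?/gi, (_, h) => cp(parseInt(h, 16)))
    .replace(/&#(\d+);?/g, (_, d) => cp(parseInt(d, 10)))
    .replace(/&lt;/gi, '<').replace(/&quot;/gi, '"')
    .replace(/&apos;/gi, "'").replace(/&amp;/gi, '&'); // &amp; last, so &amp;lt; stays literal
}

// Returns { ok: true } for an inert SVG, or { ok: false, reason } naming the first violation.
function checkSvgUpload(svgText) {
  const rootOk = /^\s*(?:<\?xml[^>]*\?>\s*)?(?:<!--[\s\S]*?-->\s*)*(?:<!DOCTYPE[^>]*>\s*)?<svg\b/i;
  if (!rootOk.test(svgText)) return { ok: false, reason: 'not an SVG document' };
  const decoded = decodeEntities(svgText);
  for (const [pattern, reason] of DENY_PATTERNS) {
    if (pattern.test(decoded)) return { ok: false, reason };
  }
  return { ok: true };
}

// Constructed samples: a plain icon, an SVG with a script element, and one that
// hides a javascript: URI behind a numeric character reference.
const SAFE_SVG = '<svg xmlns="http://www.w3.org/2000/svg" viewBox="0 0 10 10"><circle cx="5" cy="5" r="4"/></svg>';
const SCRIPT_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><script>/* would run in the viewer\'s session */</script></svg>';
const OBFUSCATED_SVG = '<svg xmlns="http://www.w3.org/2000/svg"><a href="&#106;avascript:0"><text>x</text></a></svg>';

for (const s of [SAFE_SVG, SCRIPT_SVG, OBFUSCATED_SVG]) console.log(checkSvgUpload(s));
```

The gate is deliberately coarse: a legitimate SVG that embeds a data: image or uses SMIL animation is also refused, which is the right trade-off for an avatar upload exposed to every admin who opens the user list.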