The flaw, which affects Ghost versions 3.24.0 through 6.19.0, allows unauthenticated attackers to read arbitrary data from the website database.
and it's getting out of hand. Over 700 legitimate domains have been poisoned, including university portals and major technology brands.
