Ghost: Authentication Bypass via Multiple X-Forwarded-For Headers - Proactive Insights and Support For Open-Source Applications

In Ghost all versions through 5.85.1 a low severity vulnerability CVE-2024-34451 was detected. This flaw lets hackers bypass login attempt limits using multiple fake headers, but it can be avoided by setting up a reverse proxy to only accept trusted headers. For more details, visit https://avd.aquasec.com/nvd/2024/cve-2024-34451/.