Ghost CMS SQL injection flaw exploited i

概要

A large-scale campaign is exploiting a critical SQL injection vulnerability (CVE-2026-26980) in Ghost CMS to inject malicious JavaScript code that triggers ClickFix attack flows. [...]

元記事（BleepingComputer）