Ghost
InsaneLDAP injection on a Next.js intranet leaks a service-account secret that unlocks Gitea; a custom Ghost CMS file-read exposes an RCE dev key; from …
Windows
WindowsActive DirectoryLDAP InjectionGiteaSSRFRCEMSSQLCross-Forest TrustMimikatzKerberos