Version unspecified

OTHER 13 CVEs

Known Vulnerabilities

CVE-2023-4624

Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.

LOW CVSS 2.4 Published Aug 30, 2023

CVE-2022-0877

Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.

HIGH CVSS 7.6 Published Mar 08, 2022

CVE-2021-4194

bookstack is vulnerable to Improper Access Control

MEDIUM CVSS 4.3 Published Jan 06, 2022

CVE-2021-4119

bookstack is vulnerable to Improper Access Control

MEDIUM CVSS 5.3 Published Dec 15, 2021

CVE-2021-3944

bookstack is vulnerable to Cross-Site Request Forgery (CSRF)

LOW CVSS 3.1 Published Dec 02, 2021

CVE-2021-4026

bookstack is vulnerable to Improper Access Control

MEDIUM CVSS 6.5 Published Nov 30, 2021

CVE-2021-3915

bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type

HIGH CVSS 7.6 Published Nov 13, 2021

CVE-2021-3916

bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

MEDIUM CVSS 6.5 Published Nov 05, 2021

CVE-2021-3906

bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type

MEDIUM CVSS 5.4 Published Oct 27, 2021

CVE-2021-3874

bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')

MEDIUM CVSS 4.3 Published Oct 15, 2021

CVE-2021-3768

bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM CVSS 5.4 Published Sep 06, 2021

CVE-2021-3767

bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')

MEDIUM CVSS 5.4 Published Sep 06, 2021

CVE-2021-3758

bookstack is vulnerable to Server-Side Request Forgery (SSRF)

MEDIUM CVSS 6.3 Published Sep 02, 2021