Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

bookstackapp bookstack vulnerabilities and exploits

(subscribe to this query)

5.4
CVSSv3
CVE-2021-3767
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3906
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2022-0877
Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3....
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2021-3768
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Bookstackapp Bookstack
8.7
CVSSv3
CVE-2020-26211
In BookStack before version 0.30.4, a user with permissions to edit a page could insert JavaScript code through the use of `javascript:` URIs within a link or form which would run, within the context of the current page, when clicked or submitted. Additionally, a user with...
Bookstackapp Bookstack
6.4
CVSSv3
CVE-2020-26260
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URL's to manipulate functionality in the exporting system, which would allow them to make...
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3874
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')...
Bookstackapp Bookstack
8.8
CVSSv3
CVE-2020-5256
BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where...
Bookstackapp Bookstack
4.3
CVSSv3
CVE-2021-4026
bookstack is vulnerable to Improper Access Control...
Bookstackapp Bookstack
8.7
CVSSv3
CVE-2020-26210
In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have...
Bookstackapp Bookstack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2021-44228CVE-2021-41690CVE-2021-21551firewalldosCVE-2022-31229CVE-2022-30562CVE-2022-30563camera
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook