Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bookstackapp vulnerabilities and exploits
(subscribe to this query)
9.8
CVSSv3
CVE-2021-4119
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-4194
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3758
bookstack is vulnerable to Server-Side Request Forgery (SSRF)
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2021-3768
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bookstackapp Bookstack
8.7
CVSSv3
CVE-2020-26210
In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have b...
Bookstackapp Bookstack
6.4
CVSSv3
CVE-2020-26260
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URL's to manipulate functionality in the exporting system, which would allow them to make serv...
Bookstackapp Bookstack
1 Github repository
6.5
CVSSv3
CVE-2021-3916
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3874
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Bookstackapp Bookstack
6.8
CVSSv3
CVE-2021-3944
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2021-3767
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bookstackapp Bookstack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
denial of service
CVE-2024-27371
CVE-2024-20405
CVE-2024-31627
CVE-2024-31625
race condition
CVE-2024-4358
cross-site scripting
CVE-2023-20938
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
3
NEXT »