Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bookstack vulnerabilities and exploits
(subscribe to this query)
5.4
CVSSv3
CVE-2021-3768
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2022-40690
Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated malicious user to inject an arbitrary script.
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2022-0877
Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.
Bookstackapp Bookstack
8.8
CVSSv3
CVE-2020-5256
BookStack before version 0.25.5 has a vulnerability where a user could upload PHP files through image upload functions, which would allow them to execute code on the host system remotely. They would then have the permissions of the PHP process. This most impacts scenarios where n...
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3916
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2020-11055
In BookStack greater than or equal to 0.18.0 and less than 0.29.2, there is an XSS vulnerability in comment creation. A user with permission to create comments could POST HTML directly to the system to be saved in a comment, which would then be executed/displayed to others users ...
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-4194
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2021-3767
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3758
bookstack is vulnerable to Server-Side Request Forgery (SSRF)
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2017-1000462
BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code.
Bookstackapp Bookstack 0.18.4
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2024-33228
CVE-2024-20361
log injection
bypass
CVE-2024-4985
CVE-2024-35223
CVE-2024-29849
CVE-2024-31893
IMAP
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2