bookstackapp bookstack vulnerabilities and exploits
5.4
CVSSv3
CVE-2022-0877
Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.
Bookstackapp Bookstack
2.4
CVSSv3
CVE-2023-4624
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2022-40690
Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated malicious user to inject an arbitrary script.
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3906
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2020-11055
In BookStack greater than or equal to 0.18.0 and less than 0.29.2, there is an XSS vulnerability in comment creation. A user with permission to create comments could POST HTML directly to the system to be saved in a comment, which would then be executed/displayed to other users ...
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-4194
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
9.8
CVSSv3
CVE-2021-4119
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
8.7
CVSSv3
CVE-2020-26210
In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have b...
Bookstackapp Bookstack
8.7
CVSSv3
CVE-2020-26211
In BookStack before version 0.30.4, a user with permissions to edit a page could insert JavaScript code through the use of `javascript:` URIs within a link or form which would run, within the context of the current page, when clicked or submitted. Additionally, a user with permis...
Bookstackapp Bookstack
1 Github repository
6.8
CVSSv3
CVE-2021-3944
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
Bookstackapp Bookstack