Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
bookstack vulnerabilities and exploits
(subscribe to this query)
6.5
CVSSv3
CVE-2021-4194
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
8.7
CVSSv3
CVE-2020-26210
In BookStack before version 0.30.4, a user with permissions to edit a page could add an attached link which would execute untrusted JavaScript code when clicked by a viewer of the page. Dangerous content may remain in the database after this update. If you think this could have b...
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2020-11055
In BookStack greater than or equal to 0.18.0 and less than 0.29.2, there is an XSS vulnerability in comment creation. A user with permission to create comments could POST HTML directly to the system to be saved in a comment, which would then be executed/displayed to others users ...
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2022-40690
Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated malicious user to inject an arbitrary script.
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3874
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3906
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
Bookstackapp Bookstack
5.4
CVSSv3
CVE-2022-0877
Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.
Bookstackapp Bookstack
9.8
CVSSv3
CVE-2021-4119
bookstack is vulnerable to Improper Access Control
Bookstackapp Bookstack
5.7
CVSSv3
CVE-2021-3915
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
Bookstackapp Bookstack
6.5
CVSSv3
CVE-2021-3916
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Bookstackapp Bookstack
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-48700
CVE-2022-48689
CVE-2024-27956
CVE-2023-6363
SQL
NULL pointer dereference
CVE-2023-41830
CVE-2015-2051
arbitrary
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
1
2
NEXT »