Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated malicious user to inject an arbitrary script.
bookstackapp bookstack