Bookstackapp >> Bookstack Security Vulnerabilities

Book Stack version 23.10.2 allows filtering local files on the server. This is possible because the application is vulnerable to SSRF.
CVSS Score: 6.5 | EPSS Score: 0.129 | Published: 2023-11-20

Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.
CVSS Score: 2.4 | EPSS Score: 0.004 | Published: 2023-08-30

Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated attacker to inject an arbitrary script.
CVSS Score: 5.4 | EPSS Score: 0.005 | Published: 2022-10-24

Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.
CVSS Score: 7.6 | EPSS Score: 0.003 | Published: 2022-03-08

bookstack is vulnerable to Improper Access Control
CVSS Score: 4.3 | EPSS Score: 0.002 | Published: 2022-01-06

bookstack is vulnerable to Improper Access Control
CVSS Score: 5.3 | EPSS Score: 0.015 | Published: 2021-12-15

bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
CVSS Score: 3.1 | EPSS Score: 0.0 | Published: 2021-12-02

bookstack is vulnerable to Improper Access Control
CVSS Score: 6.5 | EPSS Score: 0.002 | Published: 2021-11-30

bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
CVSS Score: 7.6 | EPSS Score: 0.003 | Published: 2021-11-13

bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
CVSS Score: 6.5 | EPSS Score: 0.004 | Published: 2021-11-05