Vulnerabilities > Bookstackapp

DATE CVE VULNERABILITY TITLE RISK
2023-11-20 CVE-2023-6199 Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack 23.10.2
Book Stack version 23.10.2 allows filtering local files on the server.
network
low complexity
bookstackapp CWE-918
6.5
2023-08-30 CVE-2023-4624 Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.
network
low complexity
bookstackapp CWE-918
2.4
2022-10-24 CVE-2022-40690 Cross-site Scripting vulnerability in Bookstackapp Bookstack
Cross-site scripting vulnerability in BookStack versions prior to v22.09 allows a remote authenticated attacker to inject an arbitrary script.
network
low complexity
bookstackapp CWE-79
5.4
2022-03-08 CVE-2022-0877 Cross-site Scripting vulnerability in Bookstackapp Bookstack
Cross-site Scripting (XSS) - Stored in GitHub repository bookstackapp/bookstack prior to v22.02.3.
network
low complexity
bookstackapp CWE-79
5.4
2022-01-06 CVE-2021-4194 Incorrect Authorization vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Improper Access Control
network
low complexity
bookstackapp CWE-863
6.5
2021-12-15 CVE-2021-4119 Unspecified vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Improper Access Control
network
low complexity
bookstackapp
critical
9.8
2021-12-02 CVE-2021-3944 Cross-Site Request Forgery (CSRF) vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
network
high complexity
bookstackapp CWE-352
6.8
2021-11-30 CVE-2021-4026 Incorrect Authorization vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Improper Access Control
network
low complexity
bookstackapp CWE-863
4.3
2021-11-13 CVE-2021-3915 Unrestricted Upload of File with Dangerous Type vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
network
low complexity
bookstackapp CWE-434
5.7
2021-11-05 CVE-2021-3916 Path Traversal vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
network
low complexity
bookstackapp CWE-22
6.5