Vulnerabilities > Bookstackapp > Bookstack > Medium

DATE CVE VULNERABILITY TITLE RISK
2021-09-06 CVE-2021-3767 Cross-site Scripting vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
bookstackapp CWE-79
5.4
5.4
2021-09-06 CVE-2021-3768 Cross-site Scripting vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')
network
low complexity
bookstackapp CWE-79
5.4
5.4
2021-09-02 CVE-2021-3758 Server-Side Request Forgery (SSRF) vulnerability in Bookstackapp Bookstack
bookstack is vulnerable to Server-Side Request Forgery (SSRF)
network
low complexity
bookstackapp CWE-918
6.5
6.5
2020-12-09 CVE-2020-26260 Injection vulnerability in Bookstackapp Bookstack
BookStack is a platform for storing and organising information and documentation.
network
low complexity
bookstackapp CWE-74
6.4
6.4
2020-05-07 CVE-2020-11055 Cross-site Scripting vulnerability in Bookstackapp Bookstack
In BookStack greater than or equal to 0.18.0 and less than 0.29.2, there is an XSS vulnerability in comment creation.
network
low complexity
bookstackapp CWE-79
5.4
5.4
2018-01-03 CVE-2017-1000462 Cross-site Scripting vulnerability in Bookstackapp Bookstack 0.18.4
BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code.
network
low complexity
bookstackapp CWE-79
5.4
5.4