Lucene search
China National Vulnerability DatabaseCNVD-2021-95601HistoryDec 02, 2021 - 12:00 a.m.
BookStack Access Control Error Vulnerability
2021-12-0200:00:00
China National Vulnerability Database
www.cnvd.org.cn
8
0.001 Low
EPSS
Percentile
21.6%
BookStack is an open source set of BookStackApp (Bookstackapp) team’s platform for building wiki documents using PHP and Laravel. bookstackapp suffers from an access control error vulnerability that stems from the fact that users with API access can view any attachments to which they do not have read access. An attacker could exploit the vulnerability to obtain sensitive information.
| CPE | Name | Operator | Version |
|---|---|---|---|
| bookstackapp bookstack | lt | 21.11.2 |
Related
huntr
huntr
Improper Access Control in bookstackapp/bookstack
2021-11-27 18:36:24
cve
cve
CVE-2021-4026
2021-11-30 20:15:07
prion
prion
Improper access control
2021-11-30 20:15:00
osv
osv
CVE-2021-4026
2021-11-30 20:15:07
bookstack is vulnerable to Improper Access Control
2021-12-01 18:26:48
github
github
bookstack is vulnerable to Improper Access Control
2021-12-01 18:26:48
veracode
veracode
Insecure Access Control
2021-12-02 11:14:03
cvelist
cvelist
CVE-2021-4026 Improper Access Control in bookstackapp/bookstack
2021-11-30 19:55:10
nvd
nvd
CVE-2021-4026
2021-11-30 20:15:07