CVE-2017-1000462

2018-01-0320:29:00

Google

osv.dev

0.001 Low

EPSS

Percentile

26.3%

JSON

BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code.

CPENameOperatorVersion
bookstackeq0.8.1
bookstackeq0.7.6
bookstackeq0.18.4
bookstackeq0.8.2
bookstackeq0.13.1
bookstackeq0.18.0
bookstackeq0.9.2
bookstackeq0.7.4
bookstackeq0.9.0
bookstackeq0.18.1

Name	Operator	Version
bookstack	eq	0.8.1
bookstack	eq	0.7.6
bookstack	eq	0.18.4
bookstack	eq	0.8.2
bookstack	eq	0.13.1
bookstack	eq	0.18.0
bookstack	eq	0.9.2
bookstack	eq	0.7.4
bookstack	eq	0.9.0
bookstack	eq	0.18.1

Rows per page:

1-10 of 501

References

github.com/BookStackApp/BookStack/issues/575

0.001 Low

EPSS

Percentile

26.3%

JSON

Related for OSV:CVE-2017-1000462