Cross site scripting

2018-01-0320:29:00

PRIOn knowledge base

www.prio-n.com

5.5 Medium

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

26.3%

JSON

BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code.

CPENameOperatorVersion
bookstackeq0.18.4

CPE	Name	Operator	Version
	bookstack	eq	0.18.4

References

github.com/BookStackApp/BookStack/issues/575