CVE-2021-3944
bookstack is vulnerable to Cross-Site Request Forgery CSRF...
Cross site request forgery (csrf)
bookstack is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2021-3944
CVE-2021-3944 affects BookStack. Multiple connected sources confirm a cross-site request forgery (CSRF) vulnerability in BookStack/BookStackApp, caused by insufficient CSRF validation. Documented details indicate the issue is CSRF without explicit exploitation vectors or patched versions in the p...
BookStack Access Control Error Vulnerability
BookStack is the BookStackApp team's open source platform for building wiki documents using PHP and Laravel. bookstackapp suffers from an access control error vulnerability that stems from the fact that users with API access can view any attachments to which they do not have re...
BookStack Cross-Site Request Forgery Vulnerability
BookStack is the BookStackApp team's open source platform for building wiki documents using PHP and Laravel. bookstack suffers from a cross-site request forgery vulnerability, which stems from the software's lack of validation for cross-site request forgery. An attacker could use this vulnerabili...
GHSA-JM6P-WFJG-XM7X bookstack is vulnerable to Improper Access Control
bookstack is vulnerable to Improper Access Control...
bookstack is vulnerable to Improper Access Control
bookstack is vulnerable to Improper Access Control...
CVE-2021-4026
bookstack is vulnerable to Improper Access Control...
Improper access control
bookstack is vulnerable to Improper Access Control...
CVE-2021-4026
CVE-2021-4026 affects BookStack (open-source PHP/Laravel app). The vulnerability is an Improper Access Control in which users with API access can view attachments they should not have read access to, potentially exposing sensitive information. The issue is documented across multiple feeds (NVD en...
BookStack Access Control Error Vulnerability
BookStack is the BookStackApp team's open source platform for building wiki documents using PHP and Laravel. bookstackapp suffers from an access control error vulnerability that stems from the fact that users with API access can view any attachments to which they do not have re...
PT-2021-22847 · Bookstack · Bookstack
Name of the Vulnerable Software and Affected Versions: bookstack affected versions not specified Description: The issue is related to Improper Access Control. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
BookStack code issue vulnerability
BookStack is an open-source platform for building wiki documents using PHP and Laravel from the BookStackApp team. BookStack is vulnerable to a code issue that stems from a lack of file type restrictions in the software's controller.php, which could be exploited by an attacker to...
GHSA-W2F4-HXPM-MQ98 bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
Unrestricted file upload
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
CVE-2021-3915
CVE-2021-3915 affects BookStack (BookStackApp) and is due to a lack of file type restrictions in the controller, enabling Unrestricted Upload of files with dangerous types. Variants are noted across multiple feeds (NVD, CNVD, GHSA, RH—Red Hat) with exploit guidance not provided in the supplied do...