CVE-2021-3944
CVE-2021-3944 affects BookStack. Multiple connected sources confirm a cross-site request forgery (CSRF) vulnerability in BookStack/BookStackApp, caused by insufficient CSRF validation. Documented details indicate the issue is CSRF without explicit exploitation vectors or patched versions in the p...
BookStack Cross-Site Request Forgery Vulnerability
BookStack is the BookStackApp team's open source platform for building wiki documents using PHP and Laravel. BookStack suffers from a cross-site request forgery vulnerability, which stems from the software's lack of validation for cross-site request forgery. An attacker could use this vulnerabili...
BookStack Access Control Error Vulnerability
BookStack is the BookStackApp team's open source platform for building wiki documents using PHP and Laravel. BookStack suffers from an access control error vulnerability that stems from the fact that users with API access can view any attachments to which they do not have re...
GHSA-JM6P-WFJG-XM7X bookstack is vulnerable to Improper Access Control
bookstack is vulnerable to Improper Access Control...
bookstack is vulnerable to Improper Access Control
bookstack is vulnerable to Improper Access Control...
CVE-2021-4026
bookstack is vulnerable to Improper Access Control...
CVE-2021-4026
bookstack is vulnerable to Improper Access Control...
Improper access control
bookstack is vulnerable to Improper Access Control...
CVE-2021-4026
CVE-2021-4026 affects BookStack (open-source PHP/Laravel app). The vulnerability is an Improper Access Control in which users with API access can view attachments they should not have read access to, potentially exposing sensitive information. The issue is documented across multiple feeds (NVD en...
BookStack Access Control Error Vulnerability
BookStack is the BookStackApp team's open source platform for building wiki documents using PHP and Laravel. BookStack suffers from an access control error vulnerability that stems from the fact that users with API access can view any attachments to which they do not have re...
PT-2021-22847 · Bookstack · Bookstack
Name of the Vulnerable Software and Affected Versions: bookstack (affected versions not specified). Description: The issue is related to Improper Access Control. There is no information provided about the estimated number of potentially affected devices worldwide or real-world incidents where this...
BookStack code issue vulnerability
BookStack is an open-source platform for building wiki documents using PHP and Laravel from the BookStackApp team. BookStack is vulnerable to a code issue that stems from a lack of file type restrictions in the software's controller.php, which could be exploited by an attacker to...
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
GHSA-W2F4-HXPM-MQ98 bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
Unrestricted file upload
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
CVE-2021-3915
CVE-2021-3915 affects BookStack (BookStackApp) and is due to a lack of file type restrictions in the controller, enabling Unrestricted Upload of files with dangerous types. Variants are noted across multiple feeds (NVD, CNVD, GHSA, RH—Red Hat) with exploit guidance not provided in the supplied do...
BookStack Code Issue Vulnerability
BookStack is an open-source platform for building wiki documents using PHP and Laravel from the BookStackApp team. BookStack is vulnerable to a code issue that stems from a lack of file type restrictions in the software's controller.php, which could be exploited by an attacker to...
CVE-2021-3916
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal'...
CVE-2021-3916
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory 'Path Traversal'...
CVE-2021-3916
CVE-2021-3916 affects BookStack (bookstackapp/bookstack). The vulnerability is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the web-facing file handling, enabling access to files under the storage directory via crafted pathnames. The PoC demonstrates traversa...