196 matches found
CVE-2021-3768
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Cross site scripting
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
Cross site scripting
bookstack is vulnerable to Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting')...
CVE-2021-3768
CVE-2021-3768 affects BookStack and stems from Improper Neutralization of Input During Web Page Generation, enabling stored Cross-Site Scripting (XSS). The vulnerability affects input handling in bookstack app/book pages and can lead to leakage of administrator cookies and other impacts as descri...
CVE-2021-3767
BookStack (CVE-2021-3767) is affected by a stored Cross-site Scripting (XSS) vulnerability in bookstackapp/bookstack caused by improper neutralization of input during web page generation. Public descriptions and PoCs show injected SVG content (notably via SVG elements and xlink:href) can lead to ...
BookStack Cross-Site Scripting Vulnerability
BookStack, a platform for storing and organizing information and documents, is vulnerable to a stored cross-site scripting vulnerability. An attacker could use this vulnerability to obtain administrator cookies, etc...
BookStack Cross-Site Scripting Vulnerability
BookStack is a platform for storing and organizing information and documents. BookStack suffers from a stored cross-site scripting vulnerability. An attacker could use the vulnerability to obtain administrator cookies, among other things...
CVE-2021-3758
bookstack is vulnerable to Server-Side Request Forgery (SSRF)...
CVE-2021-3758
bookstack is vulnerable to Server-Side Request Forgery (SSRF)...
Server side request forgery (ssrf)
bookstack is vulnerable to Server-Side Request Forgery (SSRF)...
CVE-2021-3758
CVE-2021-3758 affects BookStack (bookstackapp/bookstack). The vulnerability is an SSRF flaw in how a page exported to PDF handles HTML content (e.g., an tag referencing external resources). The PoC shows server-side requests triggered during PDF export, enabling access to internal resources from...
CVE-2021-3758 Server-Side Request Forgery (SSRF) in bookstackapp/bookstack
bookstack is vulnerable to Server-Side Request Forgery (SSRF)...
BookStack Code Issue Vulnerability
BookStack is an open source platform for building wiki documentation using PHP and Laravel from the BookStackApp team. BookStack has a code issue vulnerability that arises from improper design or implementation during code development of a web-based system or product...
CVE-2020-26260
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URLs to manipulate functionality in the exporting system, which would allow them to make server side requests and/o...
CVE-2020-26260
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URLs to manipulate functionality in the exporting system, which would allow them to make server side requests and/o...
Information disclosure
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URLs to manipulate functionality in the exporting system, which would allow them to make server side requests and/o...
CVE-2020-26260 Server Side Request Forgery in BookStack
BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URLs to manipulate functionality in the exporting system, which would allow them to make server side requests and/o...
CVE-2020-26260
Summary: CVE-2020-26260 affects BookStack prior to v0.30.5. A user with page-edit permissions could set certain image URLs to manipulate the exporting system, enabling server-side requests and access to a wider scope of files within BookStack’s file storage. Root cause / impact (as stated): The v...
BookStack Injection Vulnerability
BookStack is an open source platform for building wiki documentation using PHP and Laravel from the BookStackApp team. BookStack suffers from a security vulnerability that stems from the fact that in BookStack prior to version 0.30.5, users with edit page permissions could set up the...
BookStack cross-site scripting vulnerability (CNVD-2020-63954)
BookStack is an open source platform for building wiki documentation using PHP and Laravel from the BookStackApp team. A cross-site scripting vulnerability exists in versions prior to BookStack 0.30.4, which stems from a lack of proper validation of client-side data by the web application. The...