196 matches found
CVE-2021-4194
bookstack is vulnerable to Improper Access Control...
CVE-2021-4194
bookstack is vulnerable to Improper Access Control...
Improper access control
bookstack is vulnerable to Improper Access Control...
CVE-2021-4194
CVE-2021-4194 is linked to BookStack (bookstackapp/bookstack) and described across multiple feeds as an Improper Access Control vulnerability. The connected documents identify the issue as an access control error but do not provide concrete technical details such as affected versions, root-cause ...
BookStack Access Control Error Vulnerability
BookStack is an open source platform from the BookStackApp team for building wiki documents using PHP and Laravel. BookStack suffers from an access control error vulnerability that stems from a network system or product that does not properly restrict access to resources from unauthorized roles...
Improper Access Control in bookstackapp/bookstack
Description: parentChapter permissions are not enforced during sort. Users with only book-update permissions on their own page can move their pages into restricted chapters via modifying the parentChapter id in the sortmap. Users do not need to have access to restricted books / chapter in order to...
BookStack Access Control Error Vulnerability (CNVD-2021-103513)
BookStack is an open source platform from the BookStackApp team for building wiki documents using PHP and Laravel. BookStack suffers from an access control error vulnerability that makes it vulnerable to improper access control. No detailed vulnerability details are currently availabl...
BookStack is vulnerable to Improper Access Control.
BookStack prior to version 21.11.3 is vulnerable to Improper Access Control. A logged-in user with no privileges OR guest user if public access enabled can access the /search/users/select AJAX endpoint meant for admins to manage audit logs, to dump all usernames existing in the Bookstack database...
GHSA-9C5C-5J4H-8Q2C BookStack is vulnerable to Improper Access Control.
BookStack prior to version 21.11.3 is vulnerable to Improper Access Control. A logged-in user with no privileges OR guest user if public access enabled can access the /search/users/select AJAX endpoint meant for admins to manage audit logs, to dump all usernames existing in the Bookstack database...
CVE-2021-4119
bookstack is vulnerable to Improper Access Control...
CVE-2021-4119
bookstack is vulnerable to Improper Access Control...
Improper access control
bookstack is vulnerable to Improper Access Control...
CVE-2021-4119
BookStack CVE-2021-4119 describes an Improper Access Control vulnerability in BookStack prior to version 21.11.3. The OSV/GHSA entries specify that a logged-in user with no privileges or a guest user (if public access is enabled) can access the /search/users/select endpoint (intended for admins) ...
BookStack Security Vulnerability
BookStack is an open source platform from the BookStackApp team for building wiki documents using PHP and Laravel. BookStack suffers from an access control error vulnerability that makes it vulnerable to improper access control. No detailed vulnerability details are currently availabl...
PT-2021-23163 · Bookstack · Bookstack
Name of the Vulnerable Software and Affected Versions: BookStack versions prior to 21.11.3 Description: The issue allows a logged-in user with no privileges or a guest user if public access is enabled to access the "/search/users/select" AJAX endpoint, which is meant for admins to manage audit...
bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
bookstack is vulnerable to Cross-Site Request Forgery CSRF...
GHSA-WC7V-77JR-5C3M bookstack is vulnerable to Cross-Site Request Forgery (CSRF)
bookstack is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2021-3944
bookstack is vulnerable to Cross-Site Request Forgery CSRF...
CVE-2021-3944
bookstack is vulnerable to Cross-Site Request Forgery CSRF...
Cross site request forgery (csrf)
bookstack is vulnerable to Cross-Site Request Forgery CSRF...