3 matches found
CVE-2021-3906
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...
CVE-2021-3906
CVE-2021-3906 affects BookStack (bookstackapp/bookstack) via Unrestricted Upload of File with Dangerous Type. The root cause is a validation bypass: trim is applied to single-quoted strings, so an extension like pngr becomes png after trimming, allowing dangerous files to pass validation. This en...
CVE-2021-3906 Unrestricted Upload of File with Dangerous Type in bookstackapp/bookstack
bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type...