10 matches found
CVE-2021-4119
BookStack CVE-2021-4119 describes an Improper Access Control vulnerability in BookStack prior to version 21.11.3. The OSV/GHSA entries specify that a logged-in user with no privileges or a guest user (if public access is enabled) can access the /search/users/select endpoint (intended for admins) ...
CVE-2021-4026
CVE-2021-4026 affects BookStack (open-source PHP/Laravel app). The vulnerability is an Improper Access Control in which users with API access can view attachments they should not have read access to, potentially exposing sensitive information. The issue is documented across multiple feeds (NVD en...
CVE-2021-3915
CVE-2021-3915 affects BookStack (BookStackApp) and is due to a lack of file type restrictions in the controller, enabling Unrestricted Upload of files with dangerous types. Variants are noted across multiple feeds (NVD, CNVD, GHSA, RH—Red Hat) with exploit guidance not provided in the supplied do...
CVE-2021-3944
CVE-2021-3944 affects BookStack. Multiple connected sources confirm a cross-site request forgery (CSRF) vulnerability in BookStack/BookStackApp, caused by insufficient CSRF validation. Documented details indicate the issue is CSRF without explicit exploitation vectors or patched versions in the p...
CVE-2021-3916
CVE-2021-3916 affects BookStack (bookstackapp/bookstack). The vulnerability is an Improper Limitation of a Pathname to a Restricted Directory (Path Traversal) in the web-facing file handling, enabling access to files under the storage directory via crafted pathnames. The PoC demonstrates traversa...
CVE-2021-3906
CVE-2021-3906 affects BookStack (bookstackapp/bookstack) via Unrestricted Upload of File with Dangerous Type. The root cause is a validation bypass: trim is applied to single-quoted strings, so an extension like pngr becomes png after trimming, allowing dangerous files to pass validation. This en...
CVE-2021-3767
BookStack (CVE-2021-3767) is affected by a stored Cross-site Scripting (XSS) vulnerability in bookstackapp/bookstack caused by improper neutralization of input during web page generation. Public descriptions and PoCs show injected SVG content (notably via SVG elements and xlink:href) can lead to ...
CVE-2021-3768
CVE-2021-3768 affects BookStack and stems from Improper Neutralization of Input During Web Page Generation, enabling stored Cross-Site Scripting (XSS). The vulnerability affects input handling in bookstack app/book pages and can lead to leakage of administrator cookies and other impacts as descri...
CVE-2021-3758
CVE-2021-3758 affects BookStack (bookstackapp/bookstack). The vulnerability is an SSRF flaw in how a page exported to PDF handles HTML content (e.g., an tag referencing external resources). The PoC shows server-side requests triggered during PDF export, enabling access to internal resources from...
CVE-2021-3874
CVE-2021-3874: Path traversal in bookstackapp/bookstack (BookStack) due to improper restriction of restricted-directory pathnames. Impact described in connected sources as exposure of sensitive files via crafted pathnames (e.g., accessing logs/.htaccess) in BookStack export/filesystem operations....