Aggregates CVE and security vulnerability intelligence across all bookstackapp-related products, including CVSS, EPSS, publication dates, and vulnerability intelligence data.
Historical issues mainly involve vendor risk cross-site scripting, vendor risk ssrf, vendor risk path handling, and vendor risk csrf and related problems; some flaws may lead to vendor impact session compromise.
| CVE | Summary | Source | Max CVSS | EPSS % | Published | Updated |
|---|---|---|---|---|---|---|
| CVE-2017-1000462 | BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code. | [email protected] | 5.4 | 0.76% | 2018-01-03 | 2024-11-21 |