bookstackapp / bookstack
Project repository
A platform to create documentation/wiki content built with PHP & Laravel
FIRST INTERACTION: WITHIN 1 DAY
REVIEW: WITHIN 3 DAYS
FIX: WITHIN 9 DAYS
Server Side Request Forgery (SSRF) • Aug 30th 2023 • scgajge12 • Low • CVE-2023-4624
Stored XSS • Mar 10th 2023 • pedrojosenavasperez • not applicable
Cross-site Scripting (XSS) - Stored • Mar 7th 2022 • 416e6e61 • High • $35 • CVE-2022-0877
Improper Access Control • Jan 6th 2022 • haxatron • Medium • $118 • CVE-2021-4194
Improper Access Control • Dec 15th 2021 • haxatron • Medium • $132 • CVE-2021-4119
Improper Access Control • Nov 30th 2021 • haxatron • Medium • $110 • CVE-2021-4026
Cross-Site Request Forgery (CSRF) • Dec 1st 2021 • haxatron • Low • $77 • CVE-2021-3944
Cross-Site Request Forgery (CSRF) • Jan 6th 2022 • hdvinnie • Medium • $55
Path Traversal • Nov 1st 2021 • theworstcomrade • Medium • CVE-2021-3916
Unrestricted Upload of File with Dangerous Type • Nov 1st 2021 • theworstcomrade • High • CVE-2021-3915
Unrestricted Upload of File with Dangerous Type • Oct 27th 2021 • haxatron • Medium • $70 • CVE-2021-3906
External Control of File Name or Path • Oct 11th 2021 • haxatron • Low • $40
Use of Cache Containing Sensitive Information • Oct 8th 2021 • haxatron • Low • $60
Path Traversal • Oct 8th 2021 • haxatron • Medium • $80 • CVE-2021-3874
Cross-site Scripting (XSS) - Stored • Sep 4th 2021 • wezery • Medium • $50 • CVE-2021-3767
Cross-site Scripting (XSS) - Stored • Sep 4th 2021 • wezery • Medium • $80 • CVE-2021-3768
Server-Side Request Forgery (SSRF) • Aug 31st 2021 • d3adog • Medium • $80 • CVE-2021-3758
CRITICAL: $0
HIGH: $0
MEDIUM: $0
LOW: $0