CVE-2021-3915

MEDIUM

Bookstack < 21.10.3 - Unrestricted File Upload

Title source: rule
STIX 2.1

Description

bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type

References (2)

Core 2
Core References
Exploit, Patch, Third Party Advisory x_refsource_confirm
https://huntr.dev/bounties/fcb65f2d-257a-46f4-bac9-f6ded5649079

Scores

CVSS v3 5.7
EPSS 0.0033
EPSS Percentile 56.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N

Details

CWE
CWE-434
Status published
Products (2)
bookstackapp/bookstack < 21.10.3
ssddanbrown/bookstack 0 - 21.0.3Packagist
Published Nov 13, 2021
Tracked Since Feb 18, 2026