icon

We found results for “

CVE-2023-4624

Good to know:

icon

Date: August 30, 2023

Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.

Language: PHP

Severity Score

Severity Score

Weakness Type (CWE)

Server-Side Request Forgery (SSRF)

CWE-918

Top Fix

icon

Upgrade Version

Upgrade to version ssddanbrown/bookstack - dev-editor_trim_enhancement;ssddanbrown/bookstack - dev-laravel_upgrade;ssddanbrown/bookstack - dev-public_theme_files;ssddanbrown/bookstack - dev-search_improvements_a;ssddanbrown/bookstack - dev-phpstan;ssddanbrown/bookstack - no_fix;ssddanbrown/bookstack - dev-typescript-conversions;ssddanbrown/bookstack - dev-app_url_requests;ssddanbrown/bookstack - v0.5.0;ssddanbrown/bookstack - dev-l10n_development;ssddanbrown/bookstack - v0.31.x-dev;ssddanbrown/bookstack - v.0.7.1;ssddanbrown/bookstack - dev-oidc_group_sync;ssddanbrown/bookstack - dev-auth_review;ssddanbrown/bookstack - dev-v23-08;ssddanbrown/bookstack - dev-more_lexical_fixes;ssddanbrown/bookstack - dev-tinymce6;ssddanbrown/bookstack - dev-data_streaming;ssddanbrown/bookstack - dev-lexical;ssddanbrown/bookstack - dev-sort_sets;ssddanbrown/bookstack - dev-dependabot/npm_and_yarn/ansi-regex-4.1.1;ssddanbrown/bookstack - dev-pdf_command_option;sierratecnologia/siravel - dev-temp;sierratecnologia/siravel - no_fix;sierratecnologia/templeiro - no_fix

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): HIGH
User Interaction (UI): REQUIRED
Scope (S): UNCHANGED
Confidentiality (C): LOW
Integrity (I): NONE
Availability (A): NONE

Do you need more information?

Contact Us