Description
Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms.
Related CPE's
Could not find any relations
References
Weaknesses
134c704f-9b21-4f2e-91b3-4a467353bcc0
Secondary
CWE-79
CVSS impact metrics
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
7.5 · High
Information
Source identifier
Vulnerability status
Awaiting analysis
Published
2024-07-09T20:15:02.467Z
1 year agoLast modified
2024-11-21T08:22:31.060Z
1 year ago