CVE-2023-6199

Name of the Vulnerable Software and Affected Versions Book Stack version 23.10.2

Description The issue allows filtering local files on the server due to the application being vulnerable to Server-Side Request Forgery (SSRF). SSRF is a type of attack where an attacker can trick a server into making requests to internal or external resources that the server should not access.

Recommendations For Book Stack version 23.10.2, as a temporary workaround, consider restricting access to sensitive local files on the server until a patch is available. At the moment, there is no information about a newer version that contains a fix for this vulnerability.