Kenichi Okuno

Researcher fromMitsui Bussan Secure Directions, Inc
#14186of 53,635
18.9Total CVSS
Vulnerabilities · 3
Medium
2
High
1
PT-2022-25476
5.4
2022-10-24
Bookstack · Bookstack · CVE-2022-40690
**Name of the Vulnerable Software and Affected Versions** BookStack versions prior to v22.09 **Description** A cross-site scripting issue allows a remote authenticated attacker to inject an arbitrary script. **Recommendations** For versions prior to v22.09, update to version v22.09 or later to resolve the issue.
PT-2020-18553
7.2
2020-05-20
Unknown · Paid Memberships · CVE-2020-5579
**Name of the Vulnerable Software and Affected Versions** Paid Memberships versions prior to 2.3.3 **Description** The issue allows an attacker with administrator rights to execute arbitrary SQL commands via unspecified vectors. This can be exploited by sending malicious input to vulnerable parameters, potentially leading to unauthorized data access or modification. The estimated number of potentially affected devices worldwide is not specified. **Recommendations** For versions prior to 2.3.3, update to version 2.3.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the database and limiting administrator rights to minimize the risk of exploitation. Avoid using unspecified vectors that may be vulnerable to SQL injection until the issue is resolved.
PT-2020-12516
6.3
2020-05-07
Bookstack · Bookstack · CVE-2020-11055
**Name of the Vulnerable Software and Affected Versions** BookStack versions 0.18.0 through 0.29.1 **Description** The issue allows a user with permission to create comments to inject custom JavaScript code, which could be executed on other users' machines. This is particularly impactful in scenarios where untrusted users have comment creation permissions. The vulnerability arises from the ability to POST HTML directly to the system, which is then saved and displayed to other users. **Recommendations** For BookStack versions 0.18.0 through 0.29.1, update to version 0.29.2 to address the issue. After upgrading, run the command `php artisan bookstack:regenerate-comment-content` to remove any pre-existing dangerous content. As a temporary workaround, consider disabling comments in the system settings or altering comment creation permissions to only trusted users. However, note that altering permissions will not address existing exploitation of this vulnerability.