CVE-2017-1000462: XSS
First published: Wed Jan 03 2018(Updated: )
BookStack version 0.18.4 is vulnerable to stored cross-site scripting, within the page creation page, which can result in disruption of service and execution of javascript code.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bookstackapp Bookstack | =0.18.4 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is the vulnerability ID for the BookStack vulnerability?
The vulnerability ID for the BookStack vulnerability is CVE-2017-1000462.
What is the severity rating of CVE-2017-1000462?
CVE-2017-1000462 has a severity rating of medium with a CVSS score of 5.4.
Which version of BookStack is affected by CVE-2017-1000462?
BookStack version 0.18.4 is affected by CVE-2017-1000462.
What is the impact of the CVE-2017-1000462 vulnerability?
The vulnerability allows for stored cross-site scripting within the page creation page, which can result in disruption of service and execution of JavaScript code.
Are there any references or resources related to CVE-2017-1000462?
Yes, you can find more information about CVE-2017-1000462 in the GitHub issue #575 for BookStackApp/BookStack.
- collector/nvd-index
- agent/severity
- agent/author
- agent/references
- agent/weakness
- agent/type
- agent/description
- agent/event
- agent/tags
- agent/first-publish-date
- agent/softwarecombine
- agent/last-modified-date
- collector/mitre-cve
- source/MITRE
- vendor/bookstackapp
- canonical/bookstackapp bookstack
- version/bookstackapp bookstack/0.18.4