CVE-2021-3916: Path Traversal
First published: Fri Nov 05 2021(Updated: )
bookstack is vulnerable to Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal')
Credit: security@huntr.dev
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Bookstackapp Bookstack | <21.10.3 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
Frequently Asked Questions
What is CVE-2021-3916?
CVE-2021-3916 is a vulnerability in the bookstack application that allows improper limitation of a pathname to a restricted directory, also known as path traversal.
How severe is CVE-2021-3916?
CVE-2021-3916 has a severity rating of medium with a CVSS score of 6.5.
What software is affected by CVE-2021-3916?
The bookstack application version up to exclusive 21.10.3 is affected by CVE-2021-3916.
How can I fix CVE-2021-3916?
To fix CVE-2021-3916, update the bookstack application to a version that includes the fix, such as version 21.10.3 or later.
Where can I find more information about CVE-2021-3916?
You can find more information about CVE-2021-3916 at the following references: [link1](https://github.com/bookstackapp/bookstack/commit/43830a372fc51a8793199d04a34c3f4ebdfccc7b), [link2](https://huntr.dev/bounties/0be32e6b-7c48-43f0-9cec-433000ad8f64).
- collector/nvd-index
- agent/event
- vendor/bookstackapp
- canonical/bookstackapp bookstack