GHSA-x8qp-wqqm-57ph: vue-i18n's escapeParameterHtml does not prevent DOM-based XSS through its tag attributes

GHSA-7xqm-7738-642x: File Browser's Uncontrolled Memory Consumption vulnerability can enable DoS attack due to oversized file processing

GHSA-7mcq-f592-pf7v: Slice Ring Buffer and Slice Deque contains four unique double-free vulnerabilities triggered through safe APIs

GHSA-7xwp-2cpp-p8r7: File Browser’s insecure JWT handling can lead to session replay attacks after logout

GHSA-4q2v-9p7v-3v22: Reactor Netty HTTP is vulnerable to credential leaks during chained redirects

Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms.

**BookStack Incorrect Access Control vulnerability**

High severity GitHub Reviewed Published Jul 10, 2024 to the GitHub Advisory Database • Updated Jul 10, 2024

Headline

GHSA-pj36-fcrg-327j: BookStack Incorrect Access Control vulnerability

ghsa: Latest News