Cross-Site Scripting Vulnerability in BookStack by BookStack App
CVE-2022-40690
5.4MEDIUM
What is CVE-2022-40690?
A cross-site scripting vulnerability exists in BookStack versions prior to v22.09, enabling remote authenticated attackers to inject arbitrary scripts. This weakness may allow a malicious user to execute unauthorized actions or steal sensitive data through a successful exploitation of user interactions.
Affected Version(s)
BookStack versions prior to v22.09