Vulnerability CVE-2024-36676


Published: 2024-07-09   Modified: 2024-07-10

Description:
Incorrect access control in BookStack before v24.05.1 allows attackers to confirm existing system users and perform targeted notification email DoS via public facing forms.

 References:
https://github.com/BookStackApp/BookStack/issues/4993
https://www.bookstackapp.com/blog/bookstack-release-v24-05-1/
https://github.com/BookStackApp/BookStack/releases/tag/v24.05.1

Copyright 2026, cxsecurity.com

 

Back to Top