{"id":"CVE-2021-4194","details":"bookstack is vulnerable to Improper Access Control","aliases":["GHSA-ghhm-xrwp-75m9"],"modified":"2026-07-09T00:37:19.068141Z","published":"2022-01-06T18:15:07.920Z","references":[{"type":"EVIDENCE","url":"https://github.com/bookstackapp/bookstack/commit/cb0d674a71449de883713db2fcdccb6e108992ad"},{"type":"EVIDENCE","url":"https://huntr.dev/bounties/0bc8b3f7-9057-4eb7-a989-24cd5689f114"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bookstackapp/bookstack","events":[{"introduced":"0"},{"fixed":"de97ebf9b746912328cdb63fb8f2f4f09641fb28"},{"fixed":"cb0d674a71449de883713db2fcdccb6e108992ad"}],"database_specific":{"source":["CPE_RANGE","REFERENCES"],"cpe":"cpe:2.3:a:bookstackapp:bookstack:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"21.12.1"}]}}],"versions":["v21.12","v21.11.3","v21.11.2","v21.11.1","v21.11","v21.10.3","v21.10.2","v21.10.1","v21.10","v21.08.6","v21.08.5","v21.08.4","v21.08.3","v21.08.2","v21.08.1","v21.08","v21.05.4","v21.05.3","v21.05.2","v21.05.1","v21.05","v21.04.6","v21.04.5","v21.04.4","v21.04.3","v21.04.2","v21.04.1","v21.04","v0.31.8","v0.31.7","v0.31.6","v0.31.5","v0.31.4","v0.31.3","v0.31.2","v0.31.1","v0.31.0","v0.30.7","v0.30.6","v0.30.5","v0.30.4","v0.30.3","v0.30.2","v0.30.1","v0.30.0","v0.29.3","v0.29.2","v0.29.1","v0.29.0","v0.28.3","v0.28.2","v0.28.1","v0.28.0","v0.27.5","v0.27.4","v0.27.3","v0.27.2","v0.27.1","v0.27","v0.26.4","v0.26.3","v0.26.2","v0.26.1","v0.26.0","v0.25.5","v0.25.4","v0.25.3","v0.25.2","v0.25.1","v0.25.0","v0.24.3","v0.24.2","v0.24.1","v0.24.0","v0.23.2","v0.23.1","v0.23.0","v0.22.0","v0.21.0","v0.20.3","v0.20.2","v0.20.1","v0.20.0","v0.19.0","v0.18.5","v0.18.4","v0.18.3","v0.18.2","v0.18.1","v0.18.0","v0.17.4","v0.17.3","v0.17.2","v0.17.1","v0.17.0","v0.16.3","v0.16.2","v0.16.1","v0.16.0","v0.15.3","v0.15.2","v0.15.1","v0.15.0","v0.14.3","v0.14.2","v0.14.1","v0.14.0","v0.13.1","v0.13.0","v0.12.2","v0.12.1","v0.12.0","v0.11.2","v0.11.1","v0.11.0","v0.10.0","v0.9.3","v0.9.2","v0.9.1","v0.9.0","v0.8.2","v0.8.1","v0.8.0","v0.7.6","v0.7.5","v0.7.4","v0.7.3","0.7.2","v.0.7.1","v0.7.0","v0.6.3","v0.6.2","v0.6.1","v0.6.0","v0.5.0"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2021-4194.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N"}]}