CVE-2026-5484 | BookStackApp BookStack up to 26.03 Chapter Export ExportFormatter.php chapterToMarkdown pages access control

A vulnerability categorized as problematic has been discovered in BookStackApp BookStack up to 26.03. Affected is the function chapterToMarkdown of the file app/Exports/ExportFormatter.php of the component Chapter Export Handler. Executing a manipulation of the argument pages can lead to improper access controls.

This vulnerability is registered as CVE-2026-5484. It is possible to launch the attack remotely. Furthermore, an exploit is available.

It is advisable to upgrade the affected component.

The vendor was contacted early, responded in a very professional manner and quickly released a fixed version of the affected product.

CVE-2026-5484 | BookStackApp BookStack up to 26.03 Chapter Export ExportFormatter.php chapterToMarkdown pages access control

Post correlati

CVE-2023-51093 | Tenda M3 1.0.0.12(4856) fromSetLocalVlanInfo stack-based overflow

CVE-2024-0674 | Lamassu Bitcoin ATM Douro Machine 7.1 updatescript.js privileges management

CVE-2024-27237 | Google Android nsmemwipe.c wipe_ns_memory information disclosure

CVE-2019-25612 | Admin-Express AdminExpress 1.2.5.485 System Compare Feature out-of-bounds write (Exploit 46805 / EDB-46805)