CVE-2023-4624
LowCVSS 2.4Exploitation Probability (EPSS)
Low risk41th percentile — higher than 41% of all known CVEs
Summary
There is a Server-Side Request Forgery (SSRF) vulnerability in the GitHub repository bookstackapp/bookstack prior to version 23.08. This allows attackers to send requests to internal server services, potentially leading to the exposure of sensitive information.
Risk Assessment
This vulnerability could lead to serious security breaches, including data exposure or takeover of internal services. Organizations should be aware of the risks associated with unauthorized access to server resources.
Recommendation
It is recommended to upgrade to version 23.08 or later to mitigate this vulnerability. Additionally, conducting a security audit of the application to identify potential threats is advisable.
Original NVD description (English source)
Server-Side Request Forgery (SSRF) in GitHub repository bookstackapp/bookstack prior to v23.08.

