{"id":"CVE-2020-26260","details":"BookStack is a platform for storing and organising information and documentation. In BookStack before version 0.30.5, a user with permissions to edit a page could set certain image URLs to manipulate functionality in the exporting system, which would allow them to make server-side requests and/or have access to a wider scope of files within the BookStack file storage locations. The issue was addressed in BookStack v0.30.5. As a workaround, page edit permissions could be limited to only those that are trusted until you can upgrade.","modified":"2026-04-12T00:37:35.897123Z","published":"2020-12-09T17:15:30.477Z","related":["GHSA-8wfc-w2r5-x7cr"],"references":[{"type":"ADVISORY","url":"https://bookstackapp.com/blog/beta-release-v0-30-5/"},{"type":"ADVISORY","url":"https://github.com/BookStackApp/BookStack/releases/tag/v0.30.5"},{"type":"ADVISORY","url":"https://github.com/BookStackApp/BookStack/security/advisories/GHSA-8wfc-w2r5-x7cr"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bookstackapp/bookstack","events":[{"introduced":"0"},{"fixed":"eecc08eddec4c7d58aeeae8ef806b2a852c803e3"}],"database_specific":{"cpe":"cpe:2.3:a:bookstackapp:bookstack:*:*:*:*:*:*:*:*","extracted_events":[{"introduced":"0"},{"fixed":"0.30.5"}],"source":["CPE_FIELD","REFERENCES"]}}],"versions":["0.7.2","v.0.7.1","v0.10.0","v0.11.0","v0.11.1","v0.11.2","v0.12.0","v0.12.1","v0.12.2","v0.13.0","v0.13.1","v0.14.0","v0.14.1","v0.14.2","v0.14.3","v0.15.0","v0.15.1","v0.15.2","v0.15.3","v0.16.0","v0.16.1","v0.16.2","v0.16.3","v0.17.0","v0.17.1","v0.17.2","v0.17.3","v0.17.4","v0.18.0","v0.18.1","v0.18.2","v0.18.3","v0.18.4","v0.18.5","v0.19.0","v0.20.0","v0.20.1","v0.20.2","v0.20.3","v0.21.0","v0.22.0","v0.23.0","v0.23.1","v0.23.2","v0.24.0","v0.24.1","v0.24.2","v0.24.3","v0.25.0","v0.25.1","v0.25.2","v0.25.3","v0.25.4","v0.25.5","v0.26.0","v0.26.1","v0.26.2","v0.26.3","v0.26.4","v0.27","v0.27.1","v0.27.2","v0.27.3","v0.27.4","v0.27.5","v0.28.0","v
0.28.1","v0.28.2","v0.28.3","v0.29.0","v0.29.1","v0.29.2","v0.29.3","v0.30.0","v0.30.1","v0.30.2","v0.30.3","v0.30.4","v0.5.0","v0.6.0","v0.6.1","v0.6.2","v0.6.3","v0.7.0","v0.7.3","v0.7.4","v0.7.5","v0.7.6","v0.8.0","v0.8.1","v0.8.2","v0.9.0","v0.9.1","v0.9.2","v0.9.3"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2020-26260.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N"}]}