{"id":"CVE-2021-3915","details":"bookstack is vulnerable to Unrestricted Upload of File with Dangerous Type","aliases":["GHSA-w2f4-hxpm-mq98"],"modified":"2026-03-14T22:44:06.706146Z","published":"2021-11-13T10:15:07.927Z","references":[{"type":"FIX","url":"https://github.com/bookstackapp/bookstack/commit/ae155d67454d6b9f6c93b2bb457aaa4b2eb1a9ed"},{"type":"FIX","url":"https://huntr.dev/bounties/fcb65f2d-257a-46f4-bac9-f6ded5649079"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/bookstackapp/bookstack","events":[{"introduced":"0"},{"fixed":"01cdbdb7aefe0971474a0301d7e62aacb9253860"},{"fixed":"ae155d67454d6b9f6c93b2bb457aaa4b2eb1a9ed"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"21.10.3"}]}}],"versions":["0.7.2","v.0.7.1","v0.10.0","v0.11.0","v0.11.1","v0.11.2","v0.12.0","v0.12.1","v0.12.2","v0.13.0","v0.13.1","v0.14.0","v0.14.1","v0.14.2","v0.14.3","v0.15.0","v0.15.1","v0.15.2","v0.15.3","v0.16.0","v0.16.1","v0.16.2","v0.16.3","v0.17.0","v0.17.1","v0.17.2","v0.17.3","v0.17.4","v0.18.0","v0.18.1","v0.18.2","v0.18.3","v0.18.4","v0.18.5","v0.19.0","v0.20.0","v0.20.1","v0.20.2","v0.20.3","v0.21.0","v0.22.0","v0.23.0","v0.23.1","v0.23.2","v0.24.0","v0.24.1","v0.24.2","v0.24.3","v0.25.0","v0.25.1","v0.25.2","v0.25.3","v0.25.4","v0.25.5","v0.26.0","v0.26.1","v0.26.2","v0.26.3","v0.26.4","v0.27","v0.27.1","v0.27.2","v0.27.3","v0.27.4","v0.27.5","v0.28.0","v0.28.1","v0.28.2","v0.28.3","v0.29.0","v0.29.1","v0.29.2","v0.29.3","v0.30.0","v0.30.1","v0.30.2","v0.30.3","v0.30.4","v0.30.5","v0.30.6","v0.30.7","v0.31.0","v0.31.1","v0.31.2","v0.31.3","v0.31.4","v0.31.5","v0.31.6","v0.31.7","v0.31.8","v0.5.0","v0.6.0","v0.6.1","v0.6.2","v0.6.3","v0.7.0","v0.7.3","v0.7.4","v0.7.5","v0.7.6","v0.8.0","v0.8.1","v0.8.2","v0.9.0","v0.9.1","v0.9.2","v0.9.3","v21.04","v21.04.1","v21.04.2","v21.04.3","v21.04.4","v21.04.5","v21.04.6","v21.05","v21.05.1","v21.05.2","v21.05.3","v21.05.4","v21.08","v21.08.1","v21.08.2","v21.08.3","v21.08.4","v21.08.5","v21.08.6","v21.10","v21.10.1","v21.10.2"],"database_specific":{"source":"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2021-3915.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:N/A:N"}]}